[PATCH 2/4] squashfs: Fix integer overflow in sqfs_inode_size()

Miquel Raynal miquel.raynal at bootlin.com
Wed Jul 17 09:59:44 CEST 2024


Hi Richard,

richard at nod.at wrote on Fri, 12 Jul 2024 10:23:42 +0200:

> A carefully crafted squashfs filesystem can exhibit an extremly large
> inode size and overflow the calculation in sqfs_inode_size().
> As a consequence, the squashfs driver will read from wrong locations.
> 
> Fix by using __builtin_add_overflow() to detect the overflow.
> 
> Signed-off-by: Richard Weinberger <richard at nod.at>

Reviewed-by: Miquel Raynal <miquel.raynal at bootlin.com>

Thanks,
Miquèl


More information about the U-Boot mailing list