[PATCH v1 0/2] fs/squashfs: fix symlink load failure on large images
Miquel Raynal
miquel.raynal at bootlin.com
Fri May 22 11:43:56 CEST 2026
Hello Allan,
On 14/05/2026 at 20:18:50 +02, Allan ELKAIM <allan.elkaim at gmail.com> wrote:
> sqfsload fails to load a file through a symlink when the squashfs
> image contains a large number of inodes (e.g. a rootfs that includes
> the tzdata timezone database).
>
> Root cause: sqfs_read_nest() resolves the symlink by calling itself
> recursively without first freeing the parent directory's inode and
> directory table buffers. This causes a temporary double allocation
> that can exhaust the U-Boot heap. When malloc() subsequently fails
> inside sqfs_read_directory_table(), the error goes undetected and
> sqfs_search_dir() is called with a NULL pos_list pointer, leading to:
>
> Error: invalid inode reference to directory table.
> Failed to load '/boot/Image'
>
> Patch 1 fixes the structural problem (temporary double allocation)
> and plugs the silent NULL pointer path in sqfs_read_directory_table().
> Patch 2 adds the missing return-value checks on sqfs_dir_offset() that
> turn any residual lookup failure into a clean error propagation.
>
> Both patches are independent and can be reviewed separately.
>
> The bug was first observed on U-Boot v2024.01 and is still present
> on v2026.04. The patches have been tested on a Raspberry Pi CM4
> running U-Boot v2026.04 (Yocto Scarthgap 5.0.17) with a 325 MB
> squashfs rootfs containing 22 517 inodes. The symlink
> /boot/Image -> Image-6.6.63-v8 now resolves successfully.
>
> This series addresses the bug reported at:
> https://lists.denx.de/pipermail/u-boot/2026-May/618533.html

I haven't looked very deeply but changes look good.

Acked-by: Miquel Raynal <miquel.raynal at bootlin.com>

I am adding Richard in case he wants to have a look.

Thanks,
Miquèl
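
The failure mode described in the quoted cover letter, as an added example that is not part of the original thread and is not U-Boot code: a constructed model in which a fixed budget stands in for the U-Boot heap, comparing a symlink lookup that recurses while the parent's tables are still allocated with one that releases them first. All names and sizes (`pool_alloc`, `HEAP_BUDGET`, `TABLE_SZ`, `load_holding_parent`, `load_free_first`) are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Constructed model: a fixed budget stands in for the U-Boot malloc pool. */
#define HEAP_BUDGET 1000u
#define TABLE_SZ     600u  /* inode + directory tables for one lookup (made-up size) */
static size_t heap_used;

static void *pool_alloc(size_t n)
{
	void *p = (heap_used + n > HEAP_BUDGET) ? NULL : malloc(n);
	if (p)
		heap_used += n;
	return p;
}

static void pool_free(void *p, size_t n)
{
	free(p);
	heap_used -= p ? n : 0;
}

/* Pre-fix shape: recurse for the symlink target while the parent tables are live. */
int load_holding_parent(int links)
{
	void *tables = pool_alloc(TABLE_SZ);
	int ret;
	if (!tables)
		return -1;	/* checked here so the model fails cleanly, not on NULL */
	ret = links ? load_holding_parent(links - 1) : 0;
	pool_free(tables, TABLE_SZ);
	return ret;
}

/* Post-fix shape (assumed): release the parent tables, then follow the link. */
int load_free_first(int links)
{
	void *tables = pool_alloc(TABLE_SZ);
	if (!tables)
		return -1;
	pool_free(tables, TABLE_SZ);	/* target path would be copied out before this */
	return links ? load_free_first(links - 1) : 0;
}

int main(void)
{
	printf("holding parent: %d, free first: %d\n", load_holding_parent(1), load_free_first(1));
	return 0;
}
```

With these constructed sizes a single symlink hop already pushes the first variant past the budget, while the second keeps peak usage at one table set regardless of hop count.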