From: Eric Biggers <ebiggers@google.com>
Date: Sat, 3 Mar 2018 00:59:17 +0000 (-0800)
Subject: e2fsck: validate that fscrypt_symlink_data.len is not too large
X-Git-Tag: v1.44.0-rc2~7^2
X-Git-Url: https://git.whamcloud.com/?a=commitdiff_plain;h=0af827988f07386898efdf83271900f91eb507b1;p=tools%2Fe2fsprogs.git

e2fsck: validate that fscrypt_symlink_data.len is not too large

Make e2fsck start validating that the ciphertext length stored in the
header of an encrypted symlink target, plus the header itself, is no
larger than a filesystem block.  Previously e2fsck only verified that
this size is not exactly equal to a filesystem block.  This was
sufficient for unencrypted symlinks, where the "actual length" is
computed using strnlen(), but not for encrypted symlinks; the kernel
also considers encrypted symlinks with too-large ciphertext length to be
invalid.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---

diff --git a/e2fsck/pass1.c b/e2fsck/pass1.c
index 421fa28..975f3f1 100644
--- a/e2fsck/pass1.c
+++ b/e2fsck/pass1.c
@@ -243,7 +243,7 @@ int e2fsck_pass1_check_symlink(ext2_filsys fs, ext2_ino_t ino,
 		} else {
 			len = strnlen(buf, fs->blocksize);
 		}
-		if (len == fs->blocksize)
+		if (len >= fs->blocksize)
 			return 0;
 	} else if (inode->i_flags & EXT4_INLINE_DATA_FL) {
 		char *inline_buf = NULL;