| From: Theodore Ts'o <tytso@mit.edu> |
| Date: Wed, 19 Dec 2018 12:28:13 -0500 |
| Subject: ext4: include terminating u32 in size of xattr entries when expanding |
| inodes |
| |
| commit a805622a757b6d7f65def4141d29317d8e37b8a1 upstream. |
| |
| In ext4_expand_extra_isize_ea(), we calculate the total size of the |
| xattr header, plus the xattr entries so we know how much of the |
| beginning part of the xattrs to move when expanding the inode extra |
| size. We need to include the terminating u32 at the end of the xattr |
| entries, or else if there is uninitialized, non-zero bytes after the |
| xattr entries and before the xattr values, the list of xattr entries |
| won't be properly terminated. |
| |
| Reported-by: Steve Graham <stgraham2000@gmail.com> |
| Signed-off-by: Theodore Ts'o <tytso@mit.edu> |
| [bwh: Backported to 3.16: adjust context] |
| Signed-off-by: Ben Hutchings <ben@decadent.org.uk> |
| --- |
| fs/ext4/xattr.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| --- a/fs/ext4/xattr.c |
| +++ b/fs/ext4/xattr.c |
| @@ -1340,7 +1340,7 @@ retry: |
| end = (void *)raw_inode + EXT4_SB(inode->i_sb)->s_inode_size; |
| min_offs = end - base; |
| last = entry; |
| - total_ino = sizeof(struct ext4_xattr_ibody_header); |
| + total_ino = sizeof(struct ext4_xattr_ibody_header) + sizeof(u32); |
| |
| error = xattr_check_inode(inode, header, end); |
| if (error) |