Gitiles
Code Review Sign In
git01.mediatek.com / filogic / uboot / 8d42c7b4447aac9fa128998075e961204e197510
commit8d42c7b4447aac9fa128998075e961204e197510[log] [tgz]
authorRichard Weinberger <richard@nod.at>Fri Aug 02 18:36:47 2024 +0200
committerTom Rini <trini@konsulko.com>Thu Aug 15 16:14:36 2024 -0600
tree201c9c347730ed88a64c748a7fcc75af23ba6283
parente8db3d92455592cecbf8f2dbb75548001b3ad084 [diff]
squashfs: Fix stack overflow while symlink resolving

The squashfs driver blindly follows symlinks, and calls sqfs_size()
recursively. So an attacker can create a crafted filesystem and with
a deep enough nesting level a stack overflow can be achieved.

Fix by limiting the nesting level to 8.

Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Miquel Raynal <miquel.raynal@bootlin.com>
1 file changed
tree: 201c9c347730ed88a64c748a7fcc75af23ba6283
  1. .github/
  2. api/
  3. arch/
  4. board/
  5. boot/
  6. cmd/
  7. common/
  8. configs/
  9. disk/
  10. doc/
  11. drivers/
  12. dts/
  13. env/
  14. examples/
  15. fs/
  16. include/
  17. lib/
  18. Licenses/
  19. net/
  20. post/
  21. scripts/
  22. test/
  23. tools/
  24. .azure-pipelines.yml
  25. .checkpatch.conf
  26. .get_maintainer.conf
  27. .get_maintainer.ignore
  28. .gitattributes
  29. .gitignore
  30. .gitlab-ci.yml
  31. .mailmap
  32. .readthedocs.yml
  33. config.mk
  34. Kbuild
  35. Kconfig
  36. MAINTAINERS
  37. Makefile
  38. README