When `c_root_xattr_isize` is too large, `i_xattr_icount` will overflow,
resulting in silent corruption of the filesystem image. This patch performs
checks in advance and reports errors.
Fixes: 8f93c2f83962 ("erofs-utils: mkfs: support inline xattr reservation for
rootdirs")
Signed-off-by: Hongzhen Luo <[email protected]>
---
lib/inode.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/lib/inode.c b/lib/inode.c
index f553becb0be0..e2888a439484 100644
--- a/lib/inode.c
+++ b/lib/inode.c
@@ -1717,6 +1717,12 @@ static int erofs_mkfs_dump_tree(struct erofs_inode
*root, bool rebuild,
list_del(&root->i_hash);
erofs_insert_ihash(root);
} else if (cfg.c_root_xattr_isize) {
+ if (cfg.c_root_xattr_isize > EROFS_XATTR_ALIGN(
+ UINT16_MAX - sizeof(struct erofs_xattr_entry)))
{
+ erofs_err("Invalid configuration for
c_root_xattr_isize: %u (too large)",
+ cfg.c_root_xattr_isize);
+ return -EINVAL;
+ }
root->xattr_isize = cfg.c_root_xattr_isize;
}
--
2.43.5
