tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

fs/ntfs3: terminate the cached volume label after UTF-8 conversion

ntfs_fill_super() loads the on-disk volume label with utf16s_to_utf8s()
and stores the result in sbi->volume.label. The converted label is later
exposed through ntfs3_label_show() using %s, but utf16s_to_utf8s() only
returns the number of bytes written and does not add a trailing NUL.

If the converted label fills the entire fixed buffer,
ntfs3_label_show() can read past the end of sbi->volume.label while
looking for a terminator.

Terminate the cached label explicitly after a successful conversion and
clamp the exact-full case to the last byte of the buffer.

Fixes: 82cae269cfa9 ("fs/ntfs3: Add initialization of super block")
Signed-off-by: Pengpeng Hou <pengpeng@iscas.ac.cn>
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>

authored by

Pengpeng Hou and committed by
Konstantin Komarov a6cd43fe d1062683

+6 -1
+6 -1
fs/ntfs3/super.c
··· 1339 1339 le32_to_cpu(attr->res.data_size) >> 1, 1340 1340 UTF16_LITTLE_ENDIAN, sbi->volume.label, 1341 1341 sizeof(sbi->volume.label)); 1342 - if (err < 0) 1342 + if (err < 0) { 1343 1343 sbi->volume.label[0] = 0; 1344 + } else if (err >= sizeof(sbi->volume.label)) { 1345 + sbi->volume.label[sizeof(sbi->volume.label) - 1] = 0; 1346 + } else { 1347 + sbi->volume.label[err] = 0; 1348 + } 1344 1349 } else { 1345 1350 /* Should we break mounting here? */ 1346 1351 //err = -EINVAL;