[PATCH 1/1] udf: fix silent AED tagLocation corruption

From: Steve Magnani
Date: Thu Jan 07 2021 - 18:43:17 EST


From: Steven J. Magnani <magnani@xxxxxxxx>

When extending a file, make sure that the pointer to the last written
extent does not get adjusted into the header (tag) portion of an
Allocation Extent Descriptor. Otherwise, a subsequent call to
udf_update_extents() can clobber the AED's tagLocation field, replacing
it with the logical block number of a file extent.

Signed-off-by: Steven J. Magnani <magnani@xxxxxxxx>
---
--- a/fs/udf/inode.c 2020-12-28 20:51:29.000000000 -0600
+++ b/fs/udf/inode.c 2021-01-01 19:20:37.163767576 -0600
@@ -547,11 +547,14 @@ static int udf_do_extend_file(struct ino

udf_write_aext(inode, last_pos, &last_ext->extLocation,
last_ext->extLength, 1);
- /*
- * We've rewritten the last extent but there may be empty
- * indirect extent after it - enter it.
- */
- udf_next_aext(inode, last_pos, &tmploc, &tmplen, 0);
+
+ if (new_block_bytes || prealloc_len) {
+ /*
+ * We've rewritten the last extent but there may be empty
+ * indirect extent after it - enter it.
+ */
+ udf_next_aext(inode, last_pos, &tmploc, &tmplen, 0);
+ }
}

/* Managed to do everything necessary? */
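
Review bot: The comment kept inside the new `if (new_block_bytes || prealloc_len)` block still only says there may be an empty indirect extent to enter, so nothing in the code explains why the udf_next_aext() call is now conditional. The reason is given only in the commit message (last_pos must not be moved into the tag portion of an Allocation Extent Descriptor, or a later update can overwrite tagLocation), and it should be stated in the comment so the guard is not removed later as redundant. It would also help to say in the commit message or the comment why these two variables are the right test for "more extents will be written after this one". Separately, the return value of udf_next_aext() is still ignored here, as it was before the change; if a failure to step into the indirect extent is possible at this point, it deserves a check or a note on why it is safe to ignore. Since the message describes silent on-disk corruption, consider adding a Fixes: tag so the change can be picked up for stable trees.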