]> git.dujemihanovic.xyz Git - u-boot.git/commit
projects / u-boot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3fb1df1) | patch
squashfs: Fix stack overflow while symlink resolving
authorRichard Weinberger <richard@nod.at>
Fri, 2 Aug 2024 16:36:47 +0000 (18:36 +0200)
committerTom Rini <trini@konsulko.com>
Thu, 15 Aug 2024 22:14:36 +0000 (16:14 -0600)
commit4f5cc096bfd0a591f8a11e86999e3d90a9484c34
tree201c9c347730ed88a64c748a7fcc75af23ba6283tree | snapshot
parent3fb1df1e57ee26f4b92932de804ef265e5ae0d3bcommit | diff
squashfs: Fix stack overflow while symlink resolving

The squashfs driver blindly follows symlinks, and calls sqfs_size()
recursively. So an attacker can create a crafted filesystem and with
a deep enough nesting level a stack overflow can be achieved.

Fix by limiting the nesting level to 8.

Signed-off-by: Richard Weinberger <richard@nod.at>
Reviewed-by: Miquel Raynal <miquel.raynal@bootlin.com>
fs/squashfs/sqfs.c diff | blob | history
My U-Boot fork