Commit 0dd50252 authored by Jan Kara's avatar Jan Kara Committed by Zheng Zengkai
Browse files

udf: Restore i_lenAlloc when inode expansion fails 

mainline inclusion
from mainline-v5.17-rc2
commit ea856919
category: bugfix
bugzilla: 186269 https://gitee.com/openeuler/kernel/issues/I4UATL?from=project-issue


CVE: CVE-2022-0617

--------------------------------

When we fail to expand inode from inline format to a normal format, we
restore inode to contain the original inline formatting but we forgot to
set i_lenAlloc back. The mismatch between i_lenAlloc and i_size was then
causing further problems such as warnings and lost data down the line.

Reported-by: default avatarbutt3rflyh4ck <butterflyhuangxx@gmail.com>
CC: stable@vger.kernel.org
Fixes: 7e49b6f2 ("udf: Convert UDF to new truncate calling sequence")
Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
Signed-off-by: default avatarJan Kara <jack@suse.cz>
Signed-off-by: default avatarZhang Wensheng <zhangwensheng5@huawei.com>
Reviewed-by: default avatarZhang Yi <yi.zhang@huawei.com>
Reviewed-by: default avatarXiu Jianfeng <xiujianfeng@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent 7f2ba6e5
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment