[PATCH v3 8/9] fs: Report errors for out-of-bounds protect operations
Sascha Hauer
s.hauer at pengutronix.de
Wed Jun 25 00:11:37 PDT 2025
On Wed, Jun 25, 2025 at 07:45:39AM +0200, Ahmad Fatoum wrote:
> Hi,
>
> On 17.06.25 09:56, Sascha Hauer wrote:
> >> - if (count > f->f_size - offset)
> >> - count = f->f_size - offset;
> >> + return errno_set(-ENXIO);
> >> + if (!count || count > f->f_size - offset)
> >> + return errno_set(-EINVAL);
> >
> > This breaks the saveenv command which does a
> >
> > ret = protect(envfd, ~0, 0, 0);
> >
> > to unprotect the environment sector. Try on a board with environment in
> > SPI flash.
>
> Just ran into this as well. It's easy to reproduce with QEMU.
Nah, I shouldn't have applied this series. Oleksij sending two
additional patches somehow trapped me into thinking that with these two
patches that with these everything would be fine.
For now I have dropped this particular patch from -next.
Sascha
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
More information about the barebox
mailing list