[PATCH v2 1/2] jffs2: validate symlink size in jffs2_do_read_inode_internal()
Xi Wang
xi.wang at gmail.com
Sun Apr 29 17:45:54 EDT 2012
On Apr 29, 2012, at 11:44 AM, Artem Bityutskiy wrote:
>
> I think your commit message is not general enough because it talks
> about 0xFFFFFFFF value, but there may be any other large value as well.
> I've added the following clause to the commit message and pushed both
> patches to l2-mtd.git, thanks! Please, verify.
>
> The clause:
>
> "Artem: we actually validate csize by checking CRC, so this 0xFFs cannot
> come from empty flash region. But I guess an attacker could feed JFFS2
> an image with random csize value, including 0xFFs."
Looks good to me. Thanks!
- xi