• Jan Kara's avatar
    udf: Avoid infinite loop when processing indirect ICBs · 8ec4e978
    Jan Kara authored
    commit c03aa9f6 upstream.
    
    We did not implement any bound on number of indirect ICBs we follow when
    loading inode. Thus corrupted medium could cause kernel to go into an
    infinite loop, possibly causing a stack overflow.
    
    Fix the possible stack overflow by removing recursion from
    __udf_read_inode() and limit number of indirect ICBs we follow to avoid
    infinite loops.
    Signed-off-by: default avatarJan Kara <jack@suse.cz>
    Cc: Chuck Ebbert <cebbert.lkml@gmail.com>
    Signed-off-by: default avatarJiri Slaby <jslaby@suse.cz>
    8ec4e978
inode.c 64.9 KB