• Darrick J. Wong's avatar
    xfs: convert flex-array declarations in xfs attr leaf blocks · a49bbce5
    Darrick J. Wong authored
    As of 6.5-rc1, UBSAN trips over the ondisk extended attribute leaf block
    definitions using an array length of 1 to pretend to be a flex array.
    Kernel compilers have to support unbounded array declarations, so let's
    correct this.
    
    ================================================================================
    UBSAN: array-index-out-of-bounds in fs/xfs/libxfs/xfs_attr_leaf.c:2535:24
    index 2 is out of range for type '__u8 [1]'
    Call Trace:
     <TASK>
     dump_stack_lvl+0x33/0x50
     __ubsan_handle_out_of_bounds+0x9c/0xd0
     xfs_attr3_leaf_getvalue+0x2ce/0x2e0 [xfs 4a986a89a77bb77402ab8a87a37da369ef6a3f09]
     xfs_attr_leaf_get+0x148/0x1c0 [xfs 4a986a89a77bb77402ab8a87a37da369ef6a3f09]
     xfs_attr_get_ilocked+0xae/0x110 [xfs 4a986a89a77bb77402ab8a87a37da369ef6a3f09]
     xfs_attr_get+0xee/0x150 [xfs 4a986a89a77bb77402ab8a87a37da369ef6a3f09]
     xfs_xattr_get+0x7d/0xc0 [xfs 4a986a89a77bb77402ab8a87a37da369ef6a3f09]
     __vfs_getxattr+0xa3/0x100
     vfs_getxattr+0x87/0x1d0
     do_getxattr+0x17a/0x220
     getxattr+0x89/0xf0
    Signed-off-by: default avatarDarrick J. Wong <djwong@kernel.org>
    Reviewed-by: default avatarChristoph Hellwig <hch@lst.de>
    Reviewed-by: default avatarKees Cook <keescook@chromium.org>
    a49bbce5
xfs_ondisk.h 8.73 KB