[f2fs-dev] f2fs: explicitly null-terminate the xattr list

Commit Message

Eric Biggers Nov. 7, 2023, 4:44 a.m. UTC

From: Eric Biggers <ebiggers@google.com>

When setting an xattr, explicitly null-terminate the xattr list.  This
eliminates the fragile assumption that the unused xattr space is always
zeroed.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 fs/f2fs/xattr.c | 6 ++++++
 1 file changed, 6 insertions(+)


base-commit: be3ca57cfb777ad820c6659d52e60bbdd36bf5ff

Comments

Chao Yu Nov. 7, 2023, 3:17 p.m. UTC | #1

On 2023/11/7 12:44, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> When setting an xattr, explicitly null-terminate the xattr list.  This
> eliminates the fragile assumption that the unused xattr space is always
> zeroed.
> 
> Signed-off-by: Eric Biggers <ebiggers@google.com>

Reviewed-by: Chao Yu <chao@kernel.org>

Thanks,

Patch

diff --git a/fs/f2fs/xattr.c b/fs/f2fs/xattr.c
index 47e88b4d4e7d0..a8fc2cac68799 100644
--- a/fs/f2fs/xattr.c
+++ b/fs/f2fs/xattr.c
@@ -747,20 +747,26 @@  static int __f2fs_setxattr(struct inode *inode, int index,
 		 * Before we come here, old entry is removed.
 		 * We just write new entry.
 		 */
 		last->e_name_index = index;
 		last->e_name_len = len;
 		memcpy(last->e_name, name, len);
 		pval = last->e_name + len;
 		memcpy(pval, value, size);
 		last->e_value_size = cpu_to_le16(size);
 		new_hsize += newsize;
+		/*
+		 * Explicitly add the null terminator.  The unused xattr space
+		 * is supposed to always be zeroed, which would make this
+		 * unnecessary, but don't depend on that.
+		 */
+		*(u32 *)((u8 *)last + newsize) = 0;
 	}
 
 	error = write_all_xattrs(inode, new_hsize, base_addr, ipage);
 	if (error)
 		goto exit;
 
 	if (index == F2FS_XATTR_INDEX_ENCRYPTION &&
 			!strcmp(name, F2FS_XATTR_NAME_ENCRYPTION_CONTEXT))
 		f2fs_set_encrypted_inode(inode);
 	if (S_ISDIR(inode->i_mode))