The longest name length for file is BCH_NAME_MAX in bcachefs. When looking up a longer path, it does not check this limit. So we add the validation for this to avoid undetermined risk.
Signed-off-by: Hongbo Li <[email protected]> --- fs/bcachefs/fs.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/bcachefs/fs.c b/fs/bcachefs/fs.c index fd01a5402c28..f8da598ca9f8 100644 --- a/fs/bcachefs/fs.c +++ b/fs/bcachefs/fs.c @@ -474,6 +474,9 @@ static struct dentry *bch2_lookup(struct inode *vdir, struct dentry *dentry, struct bch_inode_info *dir = to_bch_ei(vdir); struct bch_hash_info hash = bch2_hash_info_init(c, &dir->ei_inode); + if (dentry->d_name.len > BCH_NAME_MAX) + return ERR_PTR(-ENAMETOOLONG); + struct bch_inode_info *inode; bch2_trans_do(c, NULL, NULL, 0, PTR_ERR_OR_ZERO(inode = bch2_lookup_trans(trans, inode_inum(dir), -- 2.34.1
