Re: [f2fs-dev] [PATCH] f2fs: fix listxattr handling of corrupted xattr entries

Sun, 21 Jun 2026 18:24:41 -0700 

On 6/19/26 04:01, Keshav Verma wrote:

Validate the xattr entry before reading its fields in f2fs_listxattr().
Return -EFSCORRUPTED when the entry is outside the valid xattr storage
area instead of returning a successful partial result.



Fixes line and Cc: [email protected]


Signed-off-by: Keshav Verma <[email protected]>


Reviewed-by: Chao Yu <[email protected]>

Thanks,


---
  fs/f2fs/xattr.c | 7 ++++---
  1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/fs/f2fs/xattr.c b/fs/f2fs/xattr.c
index 610d5810074d..18f495db20d2 100644
--- a/fs/f2fs/xattr.c
+++ b/fs/f2fs/xattr.c
@@ -581,8 +581,6 @@ ssize_t f2fs_listxattr(struct dentry *dentry, char *buffer, 
size_t buffer_size)
                size_t prefix_len;
                size_t size;
- prefix = f2fs_xattr_prefix(entry->e_name_index, dentry); 
-
                if ((void *)(entry) + sizeof(__u32) > last_base_addr ||
                        (void *)XATTR_NEXT_ENTRY(entry) > last_base_addr) {
                        f2fs_err(F2FS_I_SB(inode), "list inode (%llu) has corrupted 
xattr",
@@ -590,9 +588,12 @@ ssize_t f2fs_listxattr(struct dentry *dentry, char 
*buffer, size_t buffer_size)
                        set_sbi_flag(F2FS_I_SB(inode), SBI_NEED_FSCK);
                        f2fs_handle_error(F2FS_I_SB(inode),
                                                ERROR_CORRUPTED_XATTR);
-                       break;
+                       error = -EFSCORRUPTED;
+                       goto cleanup;
                }
+ prefix = f2fs_xattr_prefix(entry->e_name_index, dentry); 
+
                if (!prefix)
                        continue;




_______________________________________________
Linux-f2fs-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel

Reply via email to