sqfsload fails to load a file through a symlink when the squashfs image contains a large number of inodes (e.g. a rootfs that includes the tzdata timezone database).
Root cause: sqfs_read_nest() resolves the symlink by calling itself recursively without first freeing the parent directory's inode and directory table buffers. This causes a temporary double allocation that can exhaust the U-Boot heap. When malloc() subsequently fails inside sqfs_read_directory_table(), the error goes undetected and sqfs_search_dir() is called with a NULL pos_list pointer, leading to: Error: invalid inode reference to directory table. Failed to load '/boot/Image' Patch 1 fixes the structural problem (temporary double allocation) and plugs the silent NULL pointer path in sqfs_read_directory_table(). Patch 2 adds the missing return-value checks on sqfs_dir_offset() that turn any residual lookup failure into a clean error propagation. Both patches are independent and can be reviewed separately. The bug was first observed on U-Boot v2024.01 and is still present on v2026.04. The patches have been tested on a Raspberry Pi CM4 running U-Boot v2026.04 (Yocto Scarthgap 5.0.17) with a 325 MB squashfs rootfs containing 22 517 inodes. The symlink /boot/Image -> Image-6.6.63-v8 now resolves successfully. This series addresses the bug reported at: https://lists.denx.de/pipermail/u-boot/2026-May/618533.html Allan ELKAIM (2): fs/squashfs: fix heap exhaustion during symlink resolution fs/squashfs: add sqfs_dir_offset() error checks fs/squashfs/sqfs.c | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) -- 2.53.0 base-commit: 88dc2788777babfd6322fa655df549a019aa1e69
