The following commit has been merged in the linux branch: commit 5c36fe3d87b3f0c85894a49193c66096a3d6b26f Author: Ben Hutchings ben@decadent.org.uk Date: Mon Oct 26 16:49:51 2009 -0700
hfsplus: refuse to mount volumes larger than 2TB
As found in http://bugs.debian.org/550010, hfsplus is using type u32 rather than sector_t for some sector number calculations.
In particular, hfsplus_get_block() does:
u32 ablock, dblock, mask; ... map_bh(bh_result, sb, (dblock << HFSPLUS_SB(sb).fs_shift) + HFSPLUS_SB(sb).blockoffset + (iblock & mask));
I am not confident that I can find and fix all cases where a sector number may be truncated. For now, avoid data loss by refusing to mount HFS+ volumes with more than 2^32 sectors (2TB).
[akpm@linux-foundation.org: fix 32 and 64-bit issues] Signed-off-by: Ben Hutchings ben@decadent.org.uk Cc: Eric Sesterhenn snakebyte@gmx.de Cc: Roman Zippel zippel@linux-m68k.org Cc: stable@kernel.org Signed-off-by: Andrew Morton akpm@linux-foundation.org Signed-off-by: Linus Torvalds torvalds@linux-foundation.org
diff --git a/fs/hfsplus/wrapper.c b/fs/hfsplus/wrapper.c index 175d08e..bed78ac 100644 --- a/fs/hfsplus/wrapper.c +++ b/fs/hfsplus/wrapper.c @@ -99,6 +99,10 @@ int hfsplus_read_wrapper(struct super_block *sb)
if (hfsplus_get_last_session(sb, &part_start, &part_size)) return -EINVAL; + if ((u64)part_start + part_size > 0x100000000ULL) { + pr_err("hfs: volumes larger than 2TB are not supported yet\n"); + return -EINVAL; + } while (1) { bh = sb_bread512(sb, part_start + HFSPLUS_VOLHEAD_SECTOR, vhdr); if (!bh)