I just found a bug in this. The new check is actually too strict
and prevents some valid cases from working correctly.
Please ignore this version. I'll send an update once I'm sure I've got
it right.
Matt
On 2/11/26 10:05 AM, Matthew Sakai wrote:
Verify that the loaded zone count is in the valid range
before using it as a loop iterator.
Signed-off-by: Matthew Sakai <[email protected]>
---
drivers/md/dm-vdo/indexer/index-layout.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/md/dm-vdo/indexer/index-layout.c
b/drivers/md/dm-vdo/indexer/index-layout.c
index 61edf2b72427..37144249f7ba 100644
--- a/drivers/md/dm-vdo/indexer/index-layout.c
+++ b/drivers/md/dm-vdo/indexer/index-layout.c
@@ -1445,6 +1445,9 @@ static int __must_check reconstruct_index_save(struct
index_save_layout *isl,
u64 last_block = next_block + isl->index_save.block_count;
isl->zone_count = table->header.region_count - 3;
+ if (isl->zone_count > MAX_ZONES)
+ return vdo_log_error_strerror(UDS_CORRUPT_DATA,
+ "invalid zone count");
last_region = &table->regions[table->header.region_count - 1];
if (last_region->kind == RL_KIND_EMPTY) {
