From: OGAWA Hirofumi <hirof...@mail.parknet.co.jp> [ Upstream commit b1b65750b8db67834482f758fc385bfa7560d228 ]
If FAT length == 0, the image doesn't have any data. And it can be the cause of overlapping the root dir and FAT entries. Also Windows treats it as invalid format. Reported-by: syzbot+6f1624f937d9d6911...@syzkaller.appspotmail.com Signed-off-by: OGAWA Hirofumi <hirof...@mail.parknet.co.jp> Signed-off-by: Andrew Morton <a...@linux-foundation.org> Cc: Marco Elver <el...@google.com> Cc: Dmitry Vyukov <dvyu...@google.com> Link: http://lkml.kernel.org/r/87r1wz8mrd....@mail.parknet.co.jp Signed-off-by: Linus Torvalds <torva...@linux-foundation.org> Signed-off-by: Sasha Levin <sas...@kernel.org> --- fs/fat/inode.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/fs/fat/inode.c b/fs/fat/inode.c index f0387d040331..9af410142f78 100644 --- a/fs/fat/inode.c +++ b/fs/fat/inode.c @@ -1512,6 +1512,12 @@ static int fat_read_bpb(struct super_block *sb, struct fat_boot_sector *b, goto out; } + if (bpb->fat_fat_length == 0 && bpb->fat32_length == 0) { + if (!silent) + fat_msg(sb, KERN_ERR, "bogus number of FAT sectors"); + goto out; + } + error = 0; out: -- 2.25.1
