From e9cd7dfd7ef939394436ef6d03ff156e587ba39e Mon Sep 17 00:00:00 2001 From: Sascha Hauer Date: Mon, 1 Apr 2019 15:00:44 +0200 Subject: ubifs: Do not skip hash checking in data nodes UBIFS bails out early from try_read_node() when it doesn't have to check the CRC. Still the node hash has to be checked, otherwise wrong data could be sneaked into the FS. Fix this by not bailing out early and always checking the node hash. Fixes: 16a26b20d2af ("ubifs: authentication: Add hashes to index nodes") Signed-off-by: Sascha Hauer Signed-off-by: Richard Weinberger --- fs/ubifs/tnc.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'fs/ubifs') diff --git a/fs/ubifs/tnc.c b/fs/ubifs/tnc.c index 25572ffea163..ebf8c26f5b22 100644 --- a/fs/ubifs/tnc.c +++ b/fs/ubifs/tnc.c @@ -479,14 +479,13 @@ static int try_read_node(const struct ubifs_info *c, void *buf, int type, if (node_len != len) return 0; - if (type == UBIFS_DATA_NODE && c->no_chk_data_crc && !c->mounting && - !c->remounting_rw) - return 1; - - crc = crc32(UBIFS_CRC32_INIT, buf + 8, node_len - 8); - node_crc = le32_to_cpu(ch->crc); - if (crc != node_crc) - return 0; + if (type != UBIFS_DATA_NODE || !c->no_chk_data_crc || c->mounting || + c->remounting_rw) { + crc = crc32(UBIFS_CRC32_INIT, buf + 8, node_len - 8); + node_crc = le32_to_cpu(ch->crc); + if (crc != node_crc) + return 0; + } err = ubifs_node_check_hash(c, buf, zbr->hash); if (err) { -- cgit v1.2.3