RE: [PATCH v4] hfs: Validate CNIDs in hfs_read_inode
From: Viacheslav Dubeyko
Date: Tue Mar 17 2026 - 22:02:45 EST
On Wed, 2026-03-18 at 00:37 +0000, George Anthony Vernon wrote:
> Sorry I struggled to understand you here Slava, there's a little bit lost in
> translation I think.
>
> On Mon, Mar 16, 2026 at 09:50:14PM +0000, Viacheslav Dubeyko wrote:
> > by hfs_cat_find_brec(). But I cannot imagine that this logic can extract the
> > record with incorrect CNID. Because, it is the main goal of hfs_cat_find_brec()
> > logic to extract the record that contains requested CNID. And if we requested
>
> Do you mean that you do not think hfs_cat_find_brec *can* return a
> record with incorrect CNID, or that you do not think it *should*?
>
> I think Tetsuo is right that hfs_cat_find_brec() will return a catalog
> record with different CNID in case of a malformed thread record.
>
> On Mon, Mar 16, 2026 at 09:50:14PM +0000, Viacheslav Dubeyko wrote:
> > logic to extract the record that contains requested CNID. And if we requested
> > the HFS_ROOT_CNID, then this logic should return the record with exactly
> > requested CNID or return the error code if such record has not been found.
>
> Do you mean that hfs_cat_find_brec() should validate the CNID of the
> catalog record found by hfs_brec_find()? I'm worried that validating
> every B-tree lookup is going to be expensive. We could do it, however.
>
>
If you need to initialize the inode, then you need to find a file or a folder
record in the Catalog File (b-tree). It means that there are two possible ways: (1)
find it by name, (2) find it by CNID.

If you know the name only, then you need to find a thread record by name. The
thread record contains the associated CNID that can be used to find the final
file/folder record. It means that the second step is searching for the record by
using the CNID. If the CNID is OK, then we can find the record. If it is not OK,
then we can find nothing or the wrong record.

If we know the CNID, then we can try to find the record by CNID directly. We will
fail to find the record if there is no record with such a CNID. But you don't need
the thread record when you have the CNID for the search.
Thanks,
Slava.
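
Added example, not part of the thread and not kernel code: a simplified user-space C model of the case George raises above, where a malformed thread record leads the lookup to a catalog record that stores a different CNID, together with the check that compares the found record's CNID against the requested one. The record layout, the function names and the sample catalogs are assumptions made for illustration; the model assumes a thread record is keyed by the CNID with an empty name and holds the target's parent CNID and name.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Simplified user-space model, not kernel code; all names are hypothetical. */
enum rec_type { REC_DIR, REC_THREAD };
struct cat_rec {
    uint32_t key_parent;  /* key: parent CNID (thread: the CNID itself) */
    const char *key_name; /* key: name ("" for a thread record) */
    enum rec_type type;
    uint32_t cnid;        /* REC_DIR: CNID stored in the record */
    uint32_t thd_parent;  /* REC_THREAD: parent CNID of the target */
    const char *thd_name; /* REC_THREAD: name of the target */
};

/* Stand-in for the B-tree search: exact match on the (parent, name) key. */
static const struct cat_rec *find_rec(const struct cat_rec *cat, size_t n,
                                      uint32_t parent, const char *name)
{
    for (size_t i = 0; i < n; i++)
        if (cat[i].key_parent == parent && !strcmp(cat[i].key_name, name))
            return &cat[i];
    return NULL;
}

/* Two-step lookup by CNID. Returns 0 on success, -1 if no usable record is
 * found, -2 if validation is on and the record carries another CNID. */
static int find_by_cnid(const struct cat_rec *cat, size_t n, uint32_t cnid,
                        int validate, const struct cat_rec **out)
{
    const struct cat_rec *thd = find_rec(cat, n, cnid, "");
    if (!thd || thd->type != REC_THREAD || !thd->thd_name)
        return -1;
    const struct cat_rec *rec = find_rec(cat, n, thd->thd_parent, thd->thd_name);
    if (!rec || rec->type != REC_DIR)
        return -1;
    if (validate && rec->cnid != cnid)
        return -2;   /* thread record led to a different object */
    *out = rec;
    return 0;
}

/* Constructed catalogs; in `malformed` the thread for CNID 2 resolves to CNID 16. */
static const struct cat_rec good[] = {
    { 2, "", REC_THREAD, 0, 1, "vol" }, { 1, "vol", REC_DIR, 2, 0, NULL } };
static const struct cat_rec malformed[] = {
    { 2, "", REC_THREAD, 0, 1, "vol" }, { 1, "vol", REC_DIR, 16, 0, NULL } };

int main(void) { const struct cat_rec *r; return find_by_cnid(malformed, 2, 2, 1, &r) == -2 ? 0 : 1; }
```

In this model the check is a single integer comparison on a record the lookup has already read.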