CVE-2023-54130

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 24/12/2025
Last modified: 24/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling

Commit 55d1cbbbb29e ("hfs/hfsplus: use WARN_ON for sanity check") fixed a build warning by turning a comment into a WARN_ON(), but it turns out that syzbot then complains because it can trigger said warning with a corrupted hfs image.

The warning actually does warn about a bad situation, but we are much better off just handling it as the error it is. So rather than warn about us doing bad things, stop doing the bad things and return -EIO.

While at it, also fix a memory leak that was introduced by an earlier fix for a similar syzbot warning situation, and add a check for one case that historically wasn't handled at all (ie neither comment nor subsequent WARN_ON).

Impact