iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs/hfsplus
History
Edward Adam Davis 22999936b9 hfsplus: fix uninit-value in copy_name 
[ Upstream commit 0570730c16307a72f8241df12363f76600baf57d ]

[syzbot reported]
BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160
 sized_strscpy+0xc4/0x160
 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411
 hfsplus_listxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750
 vfs_listxattr fs/xattr.c:493 [inline]
 listxattr+0x1f3/0x6b0 fs/xattr.c:840
 path_listxattr fs/xattr.c:864 [inline]
 __do_sys_listxattr fs/xattr.c:876 [inline]
 __se_sys_listxattr fs/xattr.c:873 [inline]
 __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873
 x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 slab_post_alloc_hook mm/slub.c:3877 [inline]
 slab_alloc_node mm/slub.c:3918 [inline]
 kmalloc_trace+0x57b/0xbe0 mm/slub.c:4065
 kmalloc include/linux/slab.h:628 [inline]
 hfsplus_listxattr+0x4cc/0x1a50 fs/hfsplus/xattr.c:699
 vfs_listxattr fs/xattr.c:493 [inline]
 listxattr+0x1f3/0x6b0 fs/xattr.c:840
 path_listxattr fs/xattr.c:864 [inline]
 __do_sys_listxattr fs/xattr.c:876 [inline]
 __se_sys_listxattr fs/xattr.c:873 [inline]
 __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873
 x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
[Fix]
When allocating memory to strbuf, initialize memory to 0.

Reported-and-tested-by: syzbot+efde959319469ff8d4d7@syzkaller.appspotmail.com
Signed-off-by: Edward Adam Davis <eadavis@qq.com>
Link: https://lore.kernel.org/r/tencent_8BBB6433BC9E1C1B7B4BDF1BF52574BA8808@qq.com
Reported-and-tested-by: syzbot+01ade747b16e9c8030e0@syzkaller.appspotmail.com
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-07-25 09:49:19 +02:00
..
attributes.c
hfsplus: fix crash and filesystem corruption when deleting files
2020-04-10 15:36:20 -07:00
bfind.c
bitmap.c
hfsplus: convert kmap() to kmap_local_page() in bitmap.c
2022-09-11 21:55:04 -07:00
bnode.c
hfsplus: convert kmap() to kmap_local_page() in bnode.c
2022-09-11 21:55:04 -07:00
brec.c
hfsplus: fix BUG on bnode parent update
2018-10-31 08:54:13 -07:00
btree.c
hfsplus: convert kmap() to kmap_local_page() in btree.c
2022-09-11 21:55:05 -07:00
catalog.c
hfsplus: prevent btree data loss on ENOSPC
2018-10-31 08:54:13 -07:00
dir.c
hfsplus: convert to fileattr
2021-04-12 15:04:29 +02:00
extents.c
hfsplus: Call hfsplus_write_begin() and generic_write_end() directly
2022-05-08 14:45:56 -04:00
hfsplus_fs.h
hfsplus: fix bug causing custom uid and gid being unable to be assigned with mount
2023-01-04 11:28:59 +01:00
hfsplus_raw.h
hfsplus: use struct_group_attr() for memcpy() region
2022-01-20 08:52:54 +02:00
inode.c
fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
2023-05-24 17:32:34 +01:00
ioctl.c
hfsplus: convert to fileattr
2021-04-12 15:04:29 +02:00
Kconfig
treewide: Add SPDX license identifier - Makefile/Kconfig
2019-05-21 10:50:46 +02:00
Makefile
hfsplus: drop ACL support
2018-08-22 10:52:50 -07:00
options.c
hfsplus: fix bug causing custom uid and gid being unable to be assigned with mount
2023-01-04 11:28:59 +01:00
part_tbl.c
fs/hfsplus: Use the enum req_op and blk_opf_t types
2022-07-14 12:14:32 -06:00
super.c
fs: hfsplus: fix UAF issue in hfsplus_put_super
2023-03-10 09:34:07 +01:00
tables.c
unicode.c
treewide: Remove uninitialized_var() usage
2020-07-16 12:35:15 -07:00
wrapper.c
fs/hfsplus: Use the enum req_op and blk_opf_t types
2022-07-14 12:14:32 -06:00
xattr_security.c
acl: handle idmapped mounts
2021-01-24 14:27:17 +01:00
xattr_trusted.c
acl: handle idmapped mounts
2021-01-24 14:27:17 +01:00
xattr_user.c
acl: handle idmapped mounts
2021-01-24 14:27:17 +01:00
xattr.c
hfsplus: fix uninit-value in copy_name
2024-07-25 09:49:19 +02:00
xattr.h
hfsplus: drop ACL support
2018-08-22 10:52:50 -07:00