iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs/hfsplus
History
Edward Adam Davis f08956d8e0 hfsplus: fix uninit-value in copy_name 
[ Upstream commit 0570730c16307a72f8241df12363f76600baf57d ]

[syzbot reported]
BUG: KMSAN: uninit-value in sized_strscpy+0xc4/0x160
 sized_strscpy+0xc4/0x160
 copy_name+0x2af/0x320 fs/hfsplus/xattr.c:411
 hfsplus_listxattr+0x11e9/0x1a50 fs/hfsplus/xattr.c:750
 vfs_listxattr fs/xattr.c:493 [inline]
 listxattr+0x1f3/0x6b0 fs/xattr.c:840
 path_listxattr fs/xattr.c:864 [inline]
 __do_sys_listxattr fs/xattr.c:876 [inline]
 __se_sys_listxattr fs/xattr.c:873 [inline]
 __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873
 x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 slab_post_alloc_hook mm/slub.c:3877 [inline]
 slab_alloc_node mm/slub.c:3918 [inline]
 kmalloc_trace+0x57b/0xbe0 mm/slub.c:4065
 kmalloc include/linux/slab.h:628 [inline]
 hfsplus_listxattr+0x4cc/0x1a50 fs/hfsplus/xattr.c:699
 vfs_listxattr fs/xattr.c:493 [inline]
 listxattr+0x1f3/0x6b0 fs/xattr.c:840
 path_listxattr fs/xattr.c:864 [inline]
 __do_sys_listxattr fs/xattr.c:876 [inline]
 __se_sys_listxattr fs/xattr.c:873 [inline]
 __x64_sys_listxattr+0x16b/0x2f0 fs/xattr.c:873
 x64_sys_call+0x2ba0/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:195
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
[Fix]
When allocating memory to strbuf, initialize memory to 0.

Reported-and-tested-by: syzbot+efde959319469ff8d4d7@syzkaller.appspotmail.com
Signed-off-by: Edward Adam Davis <eadavis@qq.com>
Link: https://lore.kernel.org/r/tencent_8BBB6433BC9E1C1B7B4BDF1BF52574BA8808@qq.com
Reported-and-tested-by: syzbot+01ade747b16e9c8030e0@syzkaller.appspotmail.com
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-07-25 09:50:56 +02:00
..
attributes.c
hfsplus: fix crash and filesystem corruption when deleting files
2020-04-10 15:36:20 -07:00
bfind.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
bitmap.c
hfsplus: convert kmap() to kmap_local_page() in bitmap.c
2022-09-11 21:55:04 -07:00
bnode.c
hfsplus: convert kmap() to kmap_local_page() in bnode.c
2022-09-11 21:55:04 -07:00
brec.c
hfsplus: fix BUG on bnode parent update
2018-10-31 08:54:13 -07:00
btree.c
hfsplus: convert kmap() to kmap_local_page() in btree.c
2022-09-11 21:55:05 -07:00
catalog.c
hfsplus: convert to ctime accessor functions
2023-07-24 10:30:00 +02:00
dir.c
hfsplus: convert to ctime accessor functions
2023-07-24 10:30:00 +02:00
extents.c
fs: hfsplus: make extend error rate limited
2023-08-18 10:18:55 -07:00
hfsplus_fs.h
fs: port ->fileattr_set() to pass mnt_idmap
2023-01-19 09:24:27 +01:00
hfsplus_raw.h
hfsplus: use struct_group_attr() for memcpy() region
2022-01-20 08:52:54 +02:00
inode.c
fs: pass the request_mask to generic_fillattr
2023-08-09 08:56:36 +02:00
ioctl.c
hfsplus: convert to fileattr
2021-04-12 15:04:29 +02:00
Kconfig
fs: add CONFIG_BUFFER_HEAD
2023-08-02 09:13:09 -06:00
Makefile
hfsplus: drop ACL support
2018-08-22 10:52:50 -07:00
options.c
hfsplus: fix bug causing custom uid and gid being unable to be assigned with mount
2022-12-11 19:30:20 -08:00
part_tbl.c
fs/hfsplus: Use the enum req_op and blk_opf_t types
2022-07-14 12:14:32 -06:00
super.c
fs: hfsplus: fix UAF issue in hfsplus_put_super
2023-03-02 21:54:23 -08:00
tables.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
unicode.c
treewide: Remove uninitialized_var() usage
2020-07-16 12:35:15 -07:00
wrapper.c
fs/hfsplus: Use the enum req_op and blk_opf_t types
2022-07-14 12:14:32 -06:00
xattr_security.c
fs: port xattr to mnt_idmap
2023-01-19 09:24:28 +01:00
xattr_trusted.c
fs: port xattr to mnt_idmap
2023-01-19 09:24:28 +01:00
xattr_user.c
fs: port xattr to mnt_idmap
2023-01-19 09:24:28 +01:00
xattr.c
hfsplus: fix uninit-value in copy_name
2024-07-25 09:50:56 +02:00
xattr.h
hfsplus: drop ACL support
2018-08-22 10:52:50 -07:00