| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200222003354.GB873427@mit.edu>
Date: Fri, 21 Feb 2020 19:33:54 -0500
From: "Theodore Y. Ts'o" <tytso@....edu>
To: "Jitindar SIngh, Suraj" <surajjs@...zon.com>
Cc: "cai@....pw" <cai@....pw>,
"adilger.kernel@...ger.ca" <adilger.kernel@...ger.ca>,
"linux-ext4@...r.kernel.org" <linux-ext4@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"paulmck@...nel.org" <paulmck@...nel.org>
Subject: Re: null-ptr-deref due to "ext4: fix potential race between online
resizing and write operations"
On Fri, Feb 21, 2020 at 07:58:01PM +0000, Jitindar SIngh, Suraj wrote:
> On Fri, 2020-02-21 at 09:02 -0500, Qian Cai wrote:
> > Reverted the linux-next commit c20bac9bf82c ("ext4: fix potential
> > race between
> > s_flex_groups online resizing and access") fixed the crash below
> > (with line
> > numbers),
>
> Good catch, this is a bug where the dereference of the array
> s_flex_groups needs to happen after the "if (flex_size > 1)" if
> statement in fs/ext4/ialloc.c:373
Cai, thanks for noting the problem! Suraj, I've fixed up the patch on
the ext4.git tree.
- Ted
Powered by blists - more mailing lists