lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y5vTyjRX6ZgIYxgj@mit.edu>
Date:   Thu, 15 Dec 2022 21:11:22 -0500
From:   "Theodore Ts'o" <tytso@....edu>
To:     syzbot <syzbot+15cd994e273307bf5cfa@...kaller.appspotmail.com>
Cc:     adilger.kernel@...ger.ca, gregkh@...uxfoundation.org,
        lczerner@...hat.com, linux-ext4@...r.kernel.org,
        linux-kernel@...r.kernel.org, sashal@...nel.org,
        stable@...r.kernel.org, syzkaller-android-bugs@...glegroups.com,
        tadeusz.struk@...aro.org
Subject: Re: kernel BUG in ext4_free_blocks (2)

On Thu, Dec 15, 2022 at 08:34:35AM -0800, syzbot wrote:
> This bug is marked as fixed by commit:
> ext4: block range must be validated before use in ext4_mb_clear_bb()
> But I can't find it in any tested tree for more than 90 days.
> Is it a correct commit? Please update it by replying:
> #syz fix: exact-commit-title
> Until then the bug is still considered open and
> new crashes with the same signature are ignored.

I don't know what is going on with syzkaller's commit detection, but
commit 1e1c2b86ef86 ("ext4: block range must be validated before use
in ext4_mb_clear_bb()") is an exact match for the commit title, and
it's been in the upstream kernel since v6.0.

How do we make syzkaller accept this?  I'll try this again, but I
don't hold out much hope.

#syz fix: ext4: block range must be validated before use in ext4_mb_clear_bb()

Syzkaller, go home, you're drunk.

					- Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ