lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 23 Mar 2023 10:18:49 -0400
From:   "Theodore Ts'o" <tytso@....edu>
To:     Kemeng Shi <shikemeng@...weicloud.com>
Cc:     adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org,
        linux-kernel@...r.kernel.org, error27@...il.com, jack@...e.cz
Subject: Re: [PATCH] ext4: avoid to access uninitialized block_cluster

On Tue, Mar 21, 2023 at 05:21:06AM +0800, Kemeng Shi wrote:
> If inode bitmap block and block bitmap block are in different group,
> there is a risk to access uninitialized block_cluster in
> ext4_num_overhead_clusters. Initialize block_cluster to -1 to fix this.
> 
> Signed-off-by: Kemeng Shi <shikemeng@...weicloud.com>
> Reported-by: kernel test robot <lkp@...el.com>
> Reported-by: Dan Carpenter <error27@...il.com>
> Link: https://lore.kernel.org/r/202303171446.eLEhZzAu-lkp@intel.com/
> Fixes: e3c70113e2cb ("ext4: improve inode table blocks counting in ext4_num_overhead_clusters")

Thanks for the fix-up and to Dan and the zero-day test bot for noting
the problem.  Since I've needed to rebase the ext4 dev tree to pick up
an urgent fixup as well as deal with some other problematic commits,
I've merged this fix into the base commit "ext4: improve inode table
blocks counting in ext4_num_overhead_clusters".

Cheers,

					- Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ