[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20220120094914.47736-1-dzm91@hust.edu.cn>
Date: Thu, 20 Jan 2022 17:49:14 +0800
From: Dongliang Mu <dzm91@...t.edu.cn>
To: Anton Altaparmakov <anton@...era.com>
Cc: Dongliang Mu <mudongliangabcd@...il.com>,
syzbot+3c765c5248797356edaa@...kaller.appspotmail.com,
linux-ntfs-dev@...ts.sourceforge.net, linux-kernel@...r.kernel.org
Subject: [PATCH] ntfs: add sanity check on allocation size
From: Dongliang Mu <mudongliangabcd@...il.com>
ntfs_read_inode_mount invokes ntfs_malloc_nofs with zero allocation size. It triggers one BUG in the __ntfs_malloc function.
Fix this by adding sanity check on ni->attr_list_size.
Reported-by: syzbot+3c765c5248797356edaa@...kaller.appspotmail.com
Signed-off-by: Dongliang Mu <mudongliangabcd@...il.com>
---
fs/ntfs/inode.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/fs/ntfs/inode.c b/fs/ntfs/inode.c
index 4474adb393ca..517b71c73aa9 100644
--- a/fs/ntfs/inode.c
+++ b/fs/ntfs/inode.c
@@ -1881,6 +1881,10 @@ int ntfs_read_inode_mount(struct inode *vi)
}
/* Now allocate memory for the attribute list. */
ni->attr_list_size = (u32)ntfs_attr_size(a);
+ if (!ni->attr_list_size) {
+ ntfs_error(sb, "Attr_list_size is zero");
+ goto put_err_out;
+ }
ni->attr_list = ntfs_malloc_nofs(ni->attr_list_size);
if (!ni->attr_list) {
ntfs_error(sb, "Not enough memory to allocate buffer "
--
2.25.1
Powered by blists - more mailing lists