| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YwOWiDKhVxm7m0fa@casper.infradead.org>
Date: Mon, 22 Aug 2022 15:45:28 +0100
From: Matthew Wilcox <willy@...radead.org>
To: Siddh Raman Pant <code@...dh.me>
Cc: david@...morbit.com, djwong@...nel.org, fgheet255t@...il.com,
hch@...radead.org, linux-ext4@...r.kernel.org,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-xfs@...r.kernel.org, riteshh@...ux.ibm.com,
syzbot+a8e049cd3abd342936b6@...kaller.appspotmail.com,
syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] WARNING in iomap_iter
On Sun, Aug 21, 2022 at 05:18:16PM +0530, Siddh Raman Pant wrote:
> @@ -979,9 +979,15 @@ loop_set_status_from_info(struct loop_device *lo,
>
> lo->lo_offset = info->lo_offset;
> lo->lo_sizelimit = info->lo_sizelimit;
> + lo->lo_flags = info->lo_flags;
> +
> + /* loff_t/int vars are assigned __u64/__u32 vars (respectively) */
> + if (lo->lo_offset < 0 || lo->lo_sizelimit < 0 || lo->lo_flags < 0)
> + return -EOVERFLOW;
Why would you check lo_flags? That really, really should be an unsigned
type.
Powered by blists - more mailing lists