| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <727579ab-94d5-49d5-aee0-23e69b9472ad@oracle.com>
Date: Tue, 3 Oct 2023 18:22:28 -0500
From: Dave Kleikamp <dave.kleikamp@...cle.com>
To: Manas Ghandat <ghandatmanas@...il.com>, shaggy@...nel.org
Cc: jfs-discussion@...ts.sourceforge.net, linux-kernel@...r.kernel.org,
Linux-kernel-mentees@...ts.linuxfoundation.org
Subject: Re: [PATCH] jfs: fix array-index-out-of-bounds in diAlloc
On 9/26/23 2:13AM, Manas Ghandat wrote:
> Currently there is not check against the agno of the iag while
> allocating new inodes to avoid fragmentation problem. Added the check
> which is required.
Does this fix an observed problem? It seems reasonable and if we add
this we may also want to make sure that agno doesn't exceed db_numag,
(JFS_SBI(pip->i_sb)->bmap->db_numag) (yuck).
>
> Signed-off-by: Manas Ghandat <ghandatmanas@...il.com>
> ---
> fs/jfs/jfs_imap.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/fs/jfs/jfs_imap.c b/fs/jfs/jfs_imap.c
> index 799d3837e7c2..ace8a1506380 100644
> --- a/fs/jfs/jfs_imap.c
> +++ b/fs/jfs/jfs_imap.c
> @@ -1355,6 +1355,8 @@ int diAlloc(struct inode *pip, bool dir, struct inode *ip)
>
> /* get the ag number of this iag */
> agno = BLKTOAG(JFS_IP(pip)->agstart, JFS_SBI(pip->i_sb));
> + if (agno < 0)
> + return -EIO;
>
> if (atomic_read(&JFS_SBI(pip->i_sb)->bmap->db_active[agno])) {
> /*
Powered by blists - more mailing lists