lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 24 Nov 2023 03:21:19 -0800
From:   syzbot <syzbot+c5b339d16ffa61fd512d@...kaller.appspotmail.com>
To:     linux-kernel@...r.kernel.org
Subject: Re: [syzbot] [ntfs3?] WARNING in indx_insert_into_buffer

For archival purposes, forwarding an incoming command email to
linux-kernel@...r.kernel.org.

***

Subject: [ntfs3?] WARNING in indx_insert_into_buffer
Author: eadavis@...com

please test WARNING in indx_insert_into_buffer

#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 037266a5f723

diff --git a/fs/ntfs3/index.c b/fs/ntfs3/index.c
index cf92b2433f7a..350ec6798ffe 100644
--- a/fs/ntfs3/index.c
+++ b/fs/ntfs3/index.c
@@ -1865,6 +1865,7 @@ indx_insert_into_buffer(struct ntfs_index *indx, struct ntfs_inode *ni,
 	hdr_insert_head(hdr2, de_t, to_copy);
 
 	/* Remove all entries (sp including) from hdr1. */
+	printk("u1: %d, tc: %d, ss: %d\n", used1, to_copy, sp_size);
 	used = used1 - to_copy - sp_size;
 	memmove(de_t, Add2Ptr(sp, sp_size), used - le32_to_cpu(hdr1->de_off));
 	hdr1->used = cpu_to_le32(used);
@@ -1892,6 +1893,8 @@ indx_insert_into_buffer(struct ntfs_index *indx, struct ntfs_inode *ni,
 	 * We've finished splitting everybody, so we are ready to
 	 * insert the promoted entry into the parent.
 	 */
+	printk("l: %d, e: %d, h1: %p, h1s: %p, u1: %d, %d\n", level, err, hdr1, hdr1_saved, 
+				used1, le32_to_cpu(hdr1->used));
 	if (!level) {
 		/* Insert in root. */
 		err = indx_insert_into_root(indx, ni, up_e, NULL, ctx, fnd, 0);
@@ -1909,6 +1912,8 @@ indx_insert_into_buffer(struct ntfs_index *indx, struct ntfs_inode *ni,
 		 * Undo critical operations.
 		 */
 		indx_mark_free(indx, ni, new_vbn >> indx->idx2vbn_bits);
+		printk("%d, e: %d, h1: %p, h1s: %p, u1: %d, %d\n", level, err, hdr1, hdr1_saved, 
+				used1, le32_to_cpu(hdr1->used));
 		memcpy(hdr1, hdr1_saved, used1);
 		indx_write(indx, ni, n1, 0);
 	}
@@ -1916,6 +1921,7 @@ indx_insert_into_buffer(struct ntfs_index *indx, struct ntfs_inode *ni,
 out:
 	kfree(up_e);
 	kfree(hdr1_saved);
+	printk("h1: %p, e: %d", hdr1, err);
 
 	return err;
 }

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ