[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKFNMokdSAKhe41U7N=hwcq9EYFP9AgDo5OYpJ+a-VrjHjeF_g@mail.gmail.com>
Date: Mon, 15 Apr 2024 23:48:48 +0900
From: Ryusuke Konishi <konishi.ryusuke@...il.com>
To: Jeongjun Park <aha310510@...il.com>
Cc: syzbot+2e22057de05b9f3b30d8@...kaller.appspotmail.com,
linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [nilfs?] UBSAN: array-index-out-of-bounds in nilfs_add_link
On Mon, Apr 15, 2024 at 10:37 PM Jeongjun Park wrote:
>
> please test array-index-out-of-bounds in nilfs_add_link
>
> #syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 0bbac3facb5d
>
> diff --git a/fs/nilfs2/dir.c b/fs/nilfs2/dir.c
> index bc846b904b68..aee40db7a036 100644
> --- a/fs/nilfs2/dir.c
> +++ b/fs/nilfs2/dir.c
> @@ -240,7 +240,7 @@ nilfs_filetype_table[NILFS_FT_MAX] = {
>
> #define S_SHIFT 12
> static unsigned char
> -nilfs_type_by_mode[S_IFMT >> S_SHIFT] = {
> +nilfs_type_by_mode[(S_IFMT >> S_SHIFT) + 1] = {
> [S_IFREG >> S_SHIFT] = NILFS_FT_REG_FILE,
> [S_IFDIR >> S_SHIFT] = NILFS_FT_DIR,
> [S_IFCHR >> S_SHIFT] = NILFS_FT_CHRDEV,
> --
>
I found this patch of yours while debugging.
This patch looks correct as a fix for the issue.
In fact, I verified using the reproducer that it fixes the issue.
Is it okay to understand that you will finish it and send it to me?
If so, I'll take it and send it upstream after thorough testing.
Regards,
Ryusuke Konishi
Powered by blists - more mailing lists