[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <tencent_FFE5365E9608362A4B7474FF76E567C03C09@qq.com>
Date: Tue, 21 May 2024 11:45:24 +0800
From: Edward Adam Davis <eadavis@...com>
To: syzbot+efde959319469ff8d4d7@...kaller.appspotmail.com
Cc: linux-kernel@...r.kernel.org,
syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [hfs?] KMSAN: uninit-value in copy_name
please test uiv in copy_name
#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git a5131c3fdf26
diff --git a/fs/hfsplus/unicode.c b/fs/hfsplus/unicode.c
index 73342c925a4b..8e97df12375d 100644
--- a/fs/hfsplus/unicode.c
+++ b/fs/hfsplus/unicode.c
@@ -234,6 +234,7 @@ int hfsplus_uni2asc(struct super_block *sb,
}
done:
res = nls->uni2char(cc, op, len);
+ printk("res: %d, cc: %d, op:%p, len: %d, ustrlen: %d, %s\n", res, cc, op, len, ustrlen, __func__);
if (res < 0) {
if (res == -ENAMETOOLONG)
goto out;
diff --git a/fs/hfsplus/xattr.c b/fs/hfsplus/xattr.c
index 9c9ff6b8c6f7..cac1cca468d8 100644
--- a/fs/hfsplus/xattr.c
+++ b/fs/hfsplus/xattr.c
@@ -698,7 +698,7 @@ ssize_t hfsplus_listxattr(struct dentry *dentry, char *buffer, size_t size)
return err;
}
- strbuf = kmalloc(NLS_MAX_CHARSET_SIZE * HFSPLUS_ATTR_MAX_STRLEN +
+ strbuf = kzalloc(NLS_MAX_CHARSET_SIZE * HFSPLUS_ATTR_MAX_STRLEN +
XATTR_MAC_OSX_PREFIX_LEN + 1, GFP_KERNEL);
if (!strbuf) {
res = -ENOMEM;
@@ -733,6 +733,7 @@ ssize_t hfsplus_listxattr(struct dentry *dentry, char *buffer, size_t size)
goto end_listxattr;
xattr_name_len = NLS_MAX_CHARSET_SIZE * HFSPLUS_ATTR_MAX_STRLEN;
+ printk("sb: %p, xnl: %d, %s\n", strbuf, xattr_name_len, __func__);
if (hfsplus_uni2asc(inode->i_sb,
(const struct hfsplus_unistr *)&fd.key->attr.key_name,
strbuf, &xattr_name_len)) {
@@ -741,6 +742,7 @@ ssize_t hfsplus_listxattr(struct dentry *dentry, char *buffer, size_t size)
goto end_listxattr;
}
+ printk("s:%d, buf:%p, res:%d, sb: %s, xnl: %d, %s\n", size, buffer, res, strbuf, xattr_name_len, __func__);
if (!buffer || !size) {
if (can_list(strbuf))
res += name_len(strbuf, xattr_name_len);
Powered by blists - more mailing lists