lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <ezutb7amte5sykqvcdb4vcsrihnuqbucmiqplp3uqhkdbt2kjc@g4l5dxav3vcl>
Date: Tue, 13 Aug 2024 08:17:57 -0400
From: Kent Overstreet <kent.overstreet@...ux.dev>
To: zhanghao <zhanghao1@...inos.cn>
Cc: linux-bcachefs@...r.kernel.org, linux-kernel@...r.kernel.org, 
	syzbot+1a11884d9c9f1353942d@...kaller.appspotmail.com
Subject: Re: [PATCH] bcachefs: Add check for the size of combined key and
 value

On Tue, Aug 13, 2024 at 07:31:19PM GMT, zhanghao wrote:
> The bkey_val_bytes() gets the number of bytes of value
> stored in bkey->u64s.If u64s is smaller than BKEY_U64s,
> it causes a negative number to be converted to an
> unsigned number.

Nope, this patch is is _completely_ wrong

> 
> Reported-by: syzbot+1a11884d9c9f1353942d@...kaller.appspotmail.com
> Closes: https://syzkaller.appspot.com/bug?extid=1a11884d9c9f1353942d
> Fixes: ba81523eaac3 ("bcachefs: Split out bkey_types.h")
> Link: https://lore.kernel.org/all/00000000000025321f061d7b62ff@google.com/T/
> 
> Signed-off-by: zhanghao <zhanghao1@...inos.cn>
> ---
>  fs/bcachefs/bkey_types.h | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/fs/bcachefs/bkey_types.h b/fs/bcachefs/bkey_types.h
> index c9ae9e42b385..60fa5af93032 100644
> --- a/fs/bcachefs/bkey_types.h
> +++ b/fs/bcachefs/bkey_types.h
> @@ -21,6 +21,8 @@ static inline struct bkey_i *bkey_next(struct bkey_i *k)
>  
>  static inline size_t bkey_val_bytes(const struct bkey *k)
>  {
> +	if (k->u64s < BKEY_U64s)
> +		return 0;
>  	return bkey_val_u64s(k) * sizeof(u64);
>  }
>  
> 
> base-commit: d74da846046aeec9333e802f5918bd3261fb5509
> prerequisite-patch-id: 1ec511753fc7aab35ba0e982013cf91ba4403da6
> -- 
> 2.39.2
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ