| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZsSvbDxMtUEHEldl@casper.infradead.org> Date: Tue, 20 Aug 2024 15:59:56 +0100 From: Matthew Wilcox <willy@...radead.org> To: Edward Adam Davis <eadavis@...com> Cc: syzbot+5a64828fcc4c2ad9b04f@...kaller.appspotmail.com, jlbec@...lplan.org, joseph.qi@...ux.alibaba.com, linux-kernel@...r.kernel.org, mark@...heh.com, ocfs2-devel@...ts.linux.dev, syzkaller-bugs@...glegroups.com Subject: Re: [PATCH] ocfs2: Add i_size check for dir On Tue, Aug 20, 2024 at 08:08:38PM +0800, Edward Adam Davis wrote: > When the i_size of dir is too large, it will cause limit to overflow and > be less than de_buf, ultimately resulting in last_de not being initialized > and causing uaf issue. > > + if (i_size_read(dir) > OCFS2_MAX_BLOCKSIZE) > + return -EINVAL; Surely directories can be more than one block in size?
Powered by blists - more mailing lists