lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <!&!AAAAAAAAAAAuAAAAAAAAAKIhlVZMQAxHpE33aCjXyrEBAMO2jhD3dRHOtM0AqgC7tuYAAAAAAA4AABAAAABTrGeEs4SaSZ6/Js27w/JiAQAAAAA=@qianxin.com>
Date: Wed, 19 Feb 2025 16:05:11 +0800
From: 柳菁峰 <liujingfeng@...nxin.com>
To: 'Greg KH' <gregkh@...uxfoundation.org>
CC: <security@...nel.org>, <shaggy@...nel.org>,
	<jfs-discussion@...ts.sourceforge.net>, <linux-kernel@...r.kernel.org>,
	<rkeshri@...hat.com>, <syzkaller@...glegroups.com>, <secalert@...hat.com>
Subject: RE: FW: GPF and null-ptr-deref caused by uninitialization of jfs module(INC3342348)

> On Mon, Feb 10, 2025 at 10:09:54AM +0800, 柳菁峰 wrote:
> > Hello,Here is forward INC3342348 origin message
> >
> > I hope to receive updated response regarding this issue.
> 
> We have no lack of syzbot reported issues, what we do have is a lack of people
> fixing them, so patches are always welcome, especially as you already have a
> working reproducer for the problem to test against.
> 
> thanks,
> 
> greg k-h

Hello,I try to do it.

TxBegin returns 0 because the file system is read-only, and TxBlock [tid=0] is a reserved block, so I tried to perform a read-only file system check in the jfs_create function. This should prevent crashes, but I'm not sure if it affects the original logic. I hope developers can help check this patch.


diff --git a/fs/jfs/namei.c b/fs/jfs/namei.c
index d68a4e6ac345..4b6d85d47c3a 100644
--- a/fs/jfs/namei.c
+++ b/fs/jfs/namei.c
@@ -77,6 +77,10 @@ static int jfs_create(struct mnt_idmap *idmap, struct inoded,
        if (rc)
                goto out1;
 
+       if (isReadOnly(dip)){
+               rc=-EROFS;
+               goto out1;
+       }
        /*
         * search parent directory for entry/freespace
         * (dtSearch() returns parent directory page pinned)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ