lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: 
 <174110824573.224349.9408350967320704453.git-patchwork-notify@kernel.org>
Date: Tue, 04 Mar 2025 17:10:45 +0000
From: patchwork-bot+f2fs@...nel.org
To: Chao Yu <chao@...nel.org>
Cc: jaegeuk@...nel.org, syzbot+6653f10281a1badc749e@...kaller.appspotmail.com,
 linux-kernel@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net
Subject: Re: [f2fs-dev] [PATCH] f2fs: fix to avoid out-of-bounds access in
 f2fs_truncate_inode_blocks()

Hello:

This patch was applied to jaegeuk/f2fs.git (dev)
by Jaegeuk Kim <jaegeuk@...nel.org>:

On Mon,  3 Mar 2025 11:47:38 +0800 you wrote:
> syzbot reports an UBSAN issue as below:
> 
> ------------[ cut here ]------------
> UBSAN: array-index-out-of-bounds in fs/f2fs/node.h:381:10
> index 18446744073709550692 is out of range for type '__le32[5]' (aka 'unsigned int[5]')
> CPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0
> Call Trace:
>  <TASK>
>  __dump_stack lib/dump_stack.c:94 [inline]
>  dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
>  ubsan_epilogue lib/ubsan.c:231 [inline]
>  __ubsan_handle_out_of_bounds+0x121/0x150 lib/ubsan.c:429
>  get_nid fs/f2fs/node.h:381 [inline]
>  f2fs_truncate_inode_blocks+0xa5e/0xf60 fs/f2fs/node.c:1181
>  f2fs_do_truncate_blocks+0x782/0x1030 fs/f2fs/file.c:808
>  f2fs_truncate_blocks+0x10d/0x300 fs/f2fs/file.c:836
>  f2fs_truncate+0x417/0x720 fs/f2fs/file.c:886
>  f2fs_file_write_iter+0x1bdb/0x2550 fs/f2fs/file.c:5093
>  aio_write+0x56b/0x7c0 fs/aio.c:1633
>  io_submit_one+0x8a7/0x18a0 fs/aio.c:2052
>  __do_sys_io_submit fs/aio.c:2111 [inline]
>  __se_sys_io_submit+0x171/0x2e0 fs/aio.c:2081
>  do_syscall_x64 arch/x86/entry/common.c:52 [inline]
>  do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
>  entry_SYSCALL_64_after_hwframe+0x77/0x7f
> RIP: 0033:0x7f238798cde9
> 
> [...]

Here is the summary with links:
  - [f2fs-dev] f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()
    https://git.kernel.org/jaegeuk/f2fs/c/e6494977bd4a

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ