lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <tencent_0FCF9E0D8025B30DEE122EDD8FDDA9996B07@qq.com>
Date: Thu, 12 Jun 2025 19:32:58 +0800
From: Edward Adam Davis <eadavis@...com>
To: syzbot+4125590f2a9f5b3cdf43@...kaller.appspotmail.com
Cc: linux-kernel@...r.kernel.org,
	syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [overlayfs?] WARNING in ovl_listxattr

#syz test

diff --git a/fs/xattr.c b/fs/xattr.c
index 8ec5b0204bfd..1f55b98ae275 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -491,6 +491,7 @@ vfs_listxattr(struct dentry *dentry, char *list, size_t size)
 
 	if (inode->i_op->listxattr) {
 		error = inode->i_op->listxattr(dentry, list, size);
+		printk("buf: %s, size: %lu, res: %ld, sb: %s, %s\n", list, size, error, inode->i_sb->s_type->name, __func__);
 	} else {
 		error = security_inode_listsecurity(inode, list, size);
 		if (size && error > size)
@@ -1466,12 +1467,14 @@ ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
 	int err = 0;
 
 	err = posix_acl_listxattr(inode, &buffer, &remaining_size);
+	printk("inode: %p, buf: %s, size: %lu, res: %d, %s\n", inode, buffer, size, err, __func__);
 	if (err)
-		return err;
+		goto out;
 
 	err = security_inode_listsecurity(inode, buffer, remaining_size);
+	printk("2inode: %p, buf: %s, size: %lu, res: %d, %s\n", inode, buffer, size, err, __func__);
 	if (err < 0)
-		return err;
+		goto out;
 
 	if (buffer) {
 		if (remaining_size < err)
@@ -1498,7 +1501,12 @@ ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
 	}
 	read_unlock(&xattrs->lock);
 
-	return err ? err : size - remaining_size;
+	printk("3inode: %p, buf: %s, size: %lu, res: %d, remaining_size: %ld, %s\n", inode, buffer, size, err, remaining_size, __func__);
+	err = err ? err : size - remaining_size;
+	if (err > 0 && err < 24)
+		err = -ERANGE;
+out:
+	return err;
 }
 
 /**

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ