lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20260126063355.504157-1-wangqing7171@gmail.com>
Date: Mon, 26 Jan 2026 14:33:55 +0800
From: Qing Wang <wangqing7171@...il.com>
To: ebiggers@...nel.org
Cc: jaegeuk@...nel.org,
	linux-fscrypt@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	syzbot+d130f98b2c265fae5297@...kaller.appspotmail.com,
	tytso@....edu,
	wangqing7171@...il.com
Subject: Re: [PATCH] fscrypt: Fix uninit-value in ovl_fill_real

On Sun, 25 Jan 2026 at 02:25, Eric Biggers wrote:
> For KMSAN issues, it's important to root-cause them.
> Zero-initialization isn't necessarily the right fix.
> 
> In this case, it looks like ovl_fill_real() is incorrectly assuming that
> the name is NUL-terminated.
> 
> Yet, the name passed to dir_context::actor isn't normally
> NUL-terminated.  Even for a regular directory, ext4 just passes a
> pointer to the filename in the ext4_dir_entry_2 in the buffer cache.
> 
> The encrypted directory case doesn't seem to be fundamentally different.
> Just KMSAN is able to report the issue because the memory is in a slab
> buffer rather than the buffer cache.
> 
> Can you consider fixing ovl_fill_real()?  Instead of strcmp(".."), it
> should check whether namelen is 2 and the first two chars are '.'.

Hi Eric,
Thanks for your reply. I agreed with your idea and resend a new patch.

https://lore.kernel.org/all/20260126062216.496560-1-wangqing7171@gmail.com/

Looking forward to your next review.

-- 
Best Regards,
Qing

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ