korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-09-21 20:22:13 +08:00
Code Issues Packages Projects Releases Wiki Activity
9f13aacdd4
linux/fs/jfs
History
Greg Kroah-Hartman 33aecc5799 jfs: xattr: fix buffer overflow for invalid xattr 
commit 7c55b78818 upstream.

When an xattr size is not what is expected, it is printed out to the
kernel log in hex format as a form of debugging.  But when that xattr
size is bigger than the expected size, printing it out can cause an
access off the end of the buffer.

Fix this all up by properly restricting the size of the debug hex dump
in the kernel log.

Reported-by: syzbot+9dfe490c8176301c1d06@syzkaller.appspotmail.com
Cc: Dave Kleikamp <shaggy@kernel.org>
Link: https://lore.kernel.org/r/2024051433-slider-cloning-98f9@gregkh
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-06-21 14:35:43 +02:00
..
acl.c vfs: add rcu argument to ->get_acl() callback 2021-08-18 22:08:24 +02:00
file.c attr: port attribute changes to new types 2022-06-26 18:18:56 +02:00
inode.c jfs: stop using the nobh helper 2022-08-02 12:34:04 -04:00
ioctl.c block: add a bdev_discard_granularity helper 2022-04-17 19:49:59 -06:00
jfs_acl.h vfs: add rcu argument to ->get_acl() callback 2021-08-18 22:08:24 +02:00
jfs_btree.h
jfs_debug.c
jfs_debug.h
jfs_dinode.h jfs: Avoid field-overflowing memcpy() 2021-06-23 09:21:52 -05:00
jfs_discard.c
jfs_discard.h
jfs_dmap.c jfs: fix array-index-out-of-bounds in dbAdjTree 2024-02-05 20:12:48 +00:00
jfs_dmap.h jfs: Fix array index bounds check in dbAdjTree 2020-11-13 16:03:07 -06:00
jfs_dtree.c jfs: fix slab-out-of-bounds Read in dtSearch 2024-02-05 20:12:48 +00:00
jfs_dtree.h
jfs_extent.c jfs: validate max amount of blocks before allocation. 2023-09-13 09:42:49 +02:00
jfs_extent.h
jfs_filsys.h jfs: jfs_dmap: Validate db_l2nbperpage while mounting 2023-07-23 13:49:34 +02:00
jfs_imap.c jfs: fix array-index-out-of-bounds in diNewExt 2024-02-05 20:12:48 +00:00
jfs_imap.h
jfs_incore.h jfs: Avoid field-overflowing memcpy() 2021-06-23 09:21:52 -05:00
jfs_inode.c inode: make init and permission helpers idmapped mount aware 2021-01-24 14:27:16 +01:00
jfs_inode.h jfs: convert to fileattr 2021-04-12 15:04:29 +02:00
jfs_lock.h
jfs_logmgr.c fs/jfs: Remove dead code 2022-04-25 14:00:33 -05:00
jfs_logmgr.h
jfs_metapage.c jfs: Remove check for PageUptodate 2022-06-29 08:51:07 -04:00
jfs_metapage.h
jfs_mount.c jfs: fix uaf in jfs_evict_inode 2024-02-05 20:12:48 +00:00
jfs_superblock.h
jfs_txnmgr.c FS: JFS: Check for read-only mounted filesystem in txBegin 2023-07-27 08:50:33 +02:00
jfs_txnmgr.h
jfs_types.h
jfs_umount.c
jfs_unicode.c
jfs_unicode.h
jfs_uniupr.c
jfs_xattr.h
jfs_xtree.c fs/jfs: Remove dead code 2022-04-25 14:00:33 -05:00
jfs_xtree.h fs/jfs: Remove dead code 2022-04-25 14:00:33 -05:00
Kconfig
Makefile fs/jfs: Remove dead code 2022-04-25 14:00:33 -05:00
namei.c FS: JFS: Fix null-ptr-deref Read in txBegin 2023-07-27 08:50:33 +02:00
resize.c jfs: use sb_bdev_nr_blocks 2021-10-18 14:43:23 -06:00
super.c block: remove QUEUE_FLAG_DISCARD 2022-04-17 19:49:59 -06:00
symlink.c
xattr.c jfs: xattr: fix buffer overflow for invalid xattr 2024-06-21 14:35:43 +02:00