android_kernel_xiaomi_sm8450/fs/jfs
Zhao Mengmeng 8b1dcf25c2 jfs: Fix uninit-value access of new_ea in ea_buffer
[ Upstream commit 2b59ffad47db1c46af25ccad157bb3b25147c35c ]

syzbot reports that lzo1x_1_do_compress is using uninit-value:

=====================================================
BUG: KMSAN: uninit-value in lzo1x_1_do_compress+0x19f9/0x2510 lib/lzo/lzo1x_compress.c:178

...

Uninit was stored to memory at:
 ea_put fs/jfs/xattr.c:639 [inline]

...

Local variable ea_buf created at:
 __jfs_setxattr+0x5d/0x1ae0 fs/jfs/xattr.c:662
 __jfs_xattr_set+0xe6/0x1f0 fs/jfs/xattr.c:934

=====================================================

The reason is ea_buf->new_ea is not initialized properly.

Fix this by using memset to empty its content at the beginning
in ea_get().

Reported-by: syzbot+02341e0daa42a15ce130@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=02341e0daa42a15ce130
Signed-off-by: Zhao Mengmeng <zhaomengmeng@kylinos.cn>
Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-10-17 15:08:15 +02:00
acl.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
file.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
inode.c jfs: prevent NULL deref in diFree 2022-04-13 21:01:03 +02:00
ioctl.c vfs: create a generic checking and prep function for FS_IOC_SETFLAGS 2019-07-01 08:25:34 -07:00
jfs_acl.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_btree.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_debug.c proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
jfs_debug.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_dinode.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_discard.c jfs: Fix uaf in dbFreeBits 2024-10-17 15:08:15 +02:00
jfs_discard.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_dmap.c jfs: check if leafidx greater than num leaves per dmap tree 2024-10-17 15:08:15 +02:00
jfs_dmap.h jfs: Fix array index bounds check in dbAdjTree 2020-12-30 11:54:18 +01:00
jfs_dtree.c jfs: fix slab-out-of-bounds Read in dtSearch 2024-02-23 08:42:04 +01:00
jfs_dtree.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_extent.c jfs: validate max amount of blocks before allocation. 2023-09-19 12:20:15 +02:00
jfs_extent.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_filsys.h jfs: jfs_dmap: Validate db_l2nbperpage while mounting 2023-07-27 08:44:27 +02:00
jfs_imap.c jfs: fix out-of-bounds in dbNextAG() and diAlloc() 2024-10-17 15:07:47 +02:00
jfs_imap.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_incore.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_inode.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_inode.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_lock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_logmgr.c fs/jfs: Fix missing error code in lmLogInit() 2021-07-20 16:05:40 +02:00
jfs_logmgr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_metapage.c fs: Introduce i_blocks_per_page 2020-09-21 08:59:26 -07:00
jfs_metapage.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_mount.c jfs: fix uaf in jfs_evict_inode 2024-02-23 08:42:04 +01:00
jfs_superblock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_txnmgr.c FS: JFS: Check for read-only mounted filesystem in txBegin 2023-08-26 15:26:44 +02:00
jfs_txnmgr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_types.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_umount.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_unicode.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_unicode.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_uniupr.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_xattr.h jfs: Replace zero-length array with flexible-array member 2020-03-09 15:18:51 -05:00
jfs_xtree.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
jfs_xtree.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
Kconfig docs: fix a couple of new broken references 2019-07-31 14:12:26 -06:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
namei.c FS: JFS: Fix null-ptr-deref Read in txBegin 2023-08-26 15:26:44 +02:00
resize.c block: move struct block_device to blk_types.h 2020-06-24 09:16:02 -06:00
super.c fs: Fill in max and min timestamps in superblock 2019-08-30 07:27:17 -07:00
symlink.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 156 2019-05-30 11:26:35 -07:00
xattr.c jfs: Fix uninit-value access of new_ea in ea_buffer 2024-10-17 15:08:15 +02:00