Re: [syzbot] [nilfs?] UBSAN: array-index-out-of-bounds in nilfs_add_link

From: Ryusuke Konishi
Date: Mon Apr 15 2024 - 10:49:14 EST


On Mon, Apr 15, 2024 at 10:37 PM Jeongjun Park wrote:
>
> please test array-index-out-of-bounds in nilfs_add_link
>
> #syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 0bbac3facb5d
>
> diff --git a/fs/nilfs2/dir.c b/fs/nilfs2/dir.c
> index bc846b904b68..aee40db7a036 100644
> --- a/fs/nilfs2/dir.c
> +++ b/fs/nilfs2/dir.c
> @@ -240,7 +240,7 @@ nilfs_filetype_table[NILFS_FT_MAX] = {
>
> #define S_SHIFT 12
> static unsigned char
> -nilfs_type_by_mode[S_IFMT >> S_SHIFT] = {
> +nilfs_type_by_mode[(S_IFMT >> S_SHIFT) + 1] = {
> [S_IFREG >> S_SHIFT] = NILFS_FT_REG_FILE,
> [S_IFDIR >> S_SHIFT] = NILFS_FT_DIR,
> [S_IFCHR >> S_SHIFT] = NILFS_FT_CHRDEV,
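
Review bot: the `+ 1` in `nilfs_type_by_mode[(S_IFMT >> S_SHIFT) + 1]` needs a one-line comment saying why it is there. The largest index a masked mode can produce is `S_IFMT >> S_SHIFT` itself, so the array needs one more element than that value, and without the comment the new size looks like an off-by-one to the next reader. None of the designated initializers visible in this hunk covers the added last slot, so it is implicitly zero. The changelog should state which file type zero stands for and that an invalid mode is meant to map to it. As posted under `#syz test`, the patch has no changelog or Signed-off-by, and both are needed before it can be applied.
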
> --
>

I found this patch of yours while debugging.

This patch looks correct as a fix for the issue.
In fact, I verified using the reproducer that it fixes the issue.

Is it okay to understand that you will finish it and send it to me?
If so, I'll take it and send it upstream after thorough testing.


Regards,
Ryusuke Konishi