Re: [PATCH v2] erofs: fix general protection fault when reading fragment

From: Gao Xiang
Date: Sun Nov 06 2022 - 22:04:54 EST

Next message: Anup Patel: "Re: [PATCH 22/44] KVM: RISC-V: Do arch init directly in riscv_kvm_init()"
Previous message: Chen Zhongjin: "Re: linux-next: build warning after merge of the sound-asoc-fixes tree"
Next in thread: Chao Yu: "Re: [PATCH v2] erofs: fix general protection fault when reading fragment"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Oct 21, 2022 at 04:53:25PM +0800, Yue Hu wrote:
> From: Yue Hu <huyue2@xxxxxxxxxxx>
>
> As syzbot reported [1], the fragment feature sb flag is not set, so
> packed_inode != NULL needs to be checked in z_erofs_read_fragment().
>
> [1] https://lore.kernel.org/all/0000000000002e7a8905eb841ddd@xxxxxxxxxx/
>
> Reported-by: syzbot+3faecbfd845a895c04cb@xxxxxxxxxxxxxxxxxxxxxxxxx
> Fixes: 08a0c9ef3e7e ("erofs: support on-disk compressed fragments data")
> Signed-off-by: Yue Hu <huyue2@xxxxxxxxxxx>

Reviewed-by: Gao Xiang <hsiangkao@xxxxxxxxxxxxxxxxx>

Thanks,
Gao Xiang

> ---
> v2: fix return value to -EFSCURRUPTED (Xiang)
>
> fs/erofs/zdata.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/fs/erofs/zdata.c b/fs/erofs/zdata.c
> index cce56dde135c..55c13cd6934b 100644
> --- a/fs/erofs/zdata.c
> +++ b/fs/erofs/zdata.c
> @@ -659,6 +659,9 @@ static int z_erofs_read_fragment(struct inode *inode, erofs_off_t pos,
> u8 *src, *dst;
> unsigned int i, cnt;
>
> + if (!packed_inode)
> + return -EFSCORRUPTED;
> +
> pos += EROFS_I(inode)->z_fragmentoff;
> for (i = 0; i < len; i += cnt) {
> cnt = min_t(unsigned int, len - i,
> --
> 2.17.1

Next message: Anup Patel: "Re: [PATCH 22/44] KVM: RISC-V: Do arch init directly in riscv_kvm_init()"
Previous message: Chen Zhongjin: "Re: linux-next: build warning after merge of the sound-asoc-fixes tree"
Next in thread: Chao Yu: "Re: [PATCH v2] erofs: fix general protection fault when reading fragment"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]