Fix uninitialized value issue in hfs_iget by initializing the hfs_cat_rec
structure in hfs_lookup.
Reported-by: syzbot+18dd03a3fcf0ffe27da0@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=18dd03a3fcf0ffe27da0
Tested-by: syzbot+18dd03a3fcf0ffe27da0@syzkaller.appspotmail.com
Signed-off-by: SurajSonawane2415 <surajsonawane0215@gmail.com>
---
fs/hfs/dir.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/hfs/dir.c b/fs/hfs/dir.c
index b75c26045df4..3b880b3e4b4c 100644
--- a/fs/hfs/dir.c
+++ b/fs/hfs/dir.c
@@ -20,7 +20,7 @@
static struct dentry *hfs_lookup(struct inode *dir, struct dentry *dentry,
unsigned int flags)
{
- hfs_cat_rec rec;
+ hfs_cat_rec rec = {0};
struct hfs_find_data fd;
struct inode *inode = NULL;
int res;
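Review bot: the `+ hfs_cat_rec rec = {0};` line treats a symptom without explaining the cause: in this function `rec` is handed to hfs_brec_read() before it ever reaches hfs_iget(), so the commit message needs to state how the record can still be uninitialized at that point, i.e. whether hfs_brec_read() can return success without filling all of `rec` (for example on a short on-disk record). If such a path exists, the fix belongs there (reject or pad a record shorter than expected before it is used), because a zero-filled catalog record passed to hfs_iget() is still a bogus record; if the zero-initialization is meant only as defence in depth, say so in the message rather than describing it as the fix.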
--
2.34.1
On 23/09/24 23:30, SurajSonawane2415 wrote:
> Fix uninitialized value issue in hfs_iget by initializing the hfs_cat_rec > structure in hfs_lookup. > > Reported-by: syzbot+18dd03a3fcf0ffe27da0@syzkaller.appspotmail.com > Closes: https://syzkaller.appspot.com/bug?extid=18dd03a3fcf0ffe27da0 > Tested-by: syzbot+18dd03a3fcf0ffe27da0@syzkaller.appspotmail.com > Signed-off-by: SurajSonawane2415 <surajsonawane0215@gmail.com> > --- > fs/hfs/dir.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/hfs/dir.c b/fs/hfs/dir.c > index b75c26045df4..3b880b3e4b4c 100644 > --- a/fs/hfs/dir.c > +++ b/fs/hfs/dir.c > @@ -20,7 +20,7 @@ > static struct dentry *hfs_lookup(struct inode *dir, struct dentry *dentry, > unsigned int flags) > { > - hfs_cat_rec rec; > + hfs_cat_rec rec = {0}; > struct hfs_find_data fd; > struct inode *inode = NULL; > int res;

I wanted to follow up on the patch I submitted. I was wondering if you had a chance to review it and if there are any comments or feedback. Thank you for your time and consideration. I look forward to your response.

Best regards,
Suraj Sonawane
On Fri, Nov 15, 2024 at 09:22:31PM +0530, Suraj Sonawane wrote:
> On 23/09/24 23:30, SurajSonawane2415 wrote:
> > Fix uninitialized value issue in hfs_iget by initializing the hfs_cat_rec
> > structure in hfs_lookup.

This doesn't make sense to me. I don't see how we get to hfs_iget() with an uninit "rec".

	hfs_cat_rec rec;
	...
	res = hfs_brec_read(&fd, &rec, sizeof(rec));
	if (res) {
		...
	} else {
		inode = hfs_iget(dir->i_sb, &fd.search_key->cat, &rec);

Unless there's a path in hfs_brec_read() which returns 'success' while not actually filling in all of 'rec', in which case that's the bug which needs to be fixed.