1. Patchew
  2. linux
  3. View series

[PATCH] ntfs3: avoid memcpy size warning

Lizhi Xu posted 1 patch 2 months, 1 week ago 
fs/ntfs3/index.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
[PATCH] ntfs3: avoid memcpy size warning
Posted by Lizhi Xu 2 months, 1 week ago 
There are more entries after the structure, use unsafe_memcpy() to avoid
this warning.

syzbot reported:
memcpy: detected field-spanning write (size 3656) of single field "hdr1" at fs/ntfs3/index.c:1927 (size 16)
Call Trace:
 indx_insert_entry+0x1a0/0x460 fs/ntfs3/index.c:1996
 ni_add_name+0x4dd/0x820 fs/ntfs3/frecord.c:2995
 ni_rename+0x98/0x170 fs/ntfs3/frecord.c:3026
 ntfs_rename+0xab9/0xf00 fs/ntfs3/namei.c:332

Reported-by: syzbot+3a1878433bc1cb97b42a@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=3a1878433bc1cb97b42a
Signed-off-by: Lizhi Xu <lizhi.xu@windriver.com>
---
 fs/ntfs3/index.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/ntfs3/index.c b/fs/ntfs3/index.c
index 6d1bf890929d..7157cfd70fdc 100644
--- a/fs/ntfs3/index.c
+++ b/fs/ntfs3/index.c
@@ -1924,7 +1924,8 @@ indx_insert_into_buffer(struct ntfs_index *indx, struct ntfs_inode *ni,
 		 * Undo critical operations.
 		 */
 		indx_mark_free(indx, ni, new_vbn >> indx->idx2vbn_bits);
-		memcpy(hdr1, hdr1_saved, used1);
+		unsafe_memcpy(hdr1, hdr1_saved, used1,
+			      "There are entries after the structure");
 		indx_write(indx, ni, n1, 0);
 	}
 
-- 
2.43.0
Re: [PATCH] ntfs3: avoid memcpy size warning
Posted by Konstantin Komarov 4 weeks ago 
On 10/9/25 04:37, Lizhi Xu wrote:

> There are more entries after the structure, use unsafe_memcpy() to avoid
> this warning.
>
> syzbot reported:
> memcpy: detected field-spanning write (size 3656) of single field "hdr1" at fs/ntfs3/index.c:1927 (size 16)
> Call Trace:
>   indx_insert_entry+0x1a0/0x460 fs/ntfs3/index.c:1996
>   ni_add_name+0x4dd/0x820 fs/ntfs3/frecord.c:2995
>   ni_rename+0x98/0x170 fs/ntfs3/frecord.c:3026
>   ntfs_rename+0xab9/0xf00 fs/ntfs3/namei.c:332
>
> Reported-by: syzbot+3a1878433bc1cb97b42a@syzkaller.appspotmail.com
> Closes: https://syzkaller.appspot.com/bug?extid=3a1878433bc1cb97b42a
> Signed-off-by: Lizhi Xu <lizhi.xu@windriver.com>
> ---
>   fs/ntfs3/index.c | 3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/fs/ntfs3/index.c b/fs/ntfs3/index.c
> index 6d1bf890929d..7157cfd70fdc 100644
> --- a/fs/ntfs3/index.c
> +++ b/fs/ntfs3/index.c
> @@ -1924,7 +1924,8 @@ indx_insert_into_buffer(struct ntfs_index *indx, struct ntfs_inode *ni,
>   		 * Undo critical operations.
>   		 */
>   		indx_mark_free(indx, ni, new_vbn >> indx->idx2vbn_bits);
> -		memcpy(hdr1, hdr1_saved, used1);
> +		unsafe_memcpy(hdr1, hdr1_saved, used1,
> +			      "There are entries after the structure");
>   		indx_write(indx, ni, n1, 0);
>   	}
>   

Thanks for the patch. Applied.

Regards,
Konstantin

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.