Re: [Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

On Wed, Aug 12, 2020 at 05:24:20PM -0300, Ernesto A. Fernández wrote: > If that's what the reproducer is about, I think just returning an error is > reasonable. I guess it would be better to put a check inside hfsplus_inode_read_fork(), to verify that the first extent is always in the right place

Re: [Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

Hi, On Wed, Aug 12, 2020 at 11:59:04AM +0300, Dan Carpenter wrote: > Yeah, the patch doesn't work at all. I looked at one call tree and it > is: > > hfs_mdb_get() tries to allocate HFS_SB(sb)->ext_tree. > > HFS_SB(sb)->ext_tree = hfs_btree_open(sb, HFS_EXT_CNID, hfs_ext_keycmp); >

Re: [Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

On Wed, Aug 12, 2020 at 11:59:04AM +0300, Dan Carpenter wrote: > Yeah, the patch doesn't work at all. I looked at one call tree and it > is: > > hfs_mdb_get() tries to allocate HFS_SB(sb)->ext_tree. > > HFS_SB(sb)->ext_tree = hfs_btree_open(sb, HFS_EXT_CNID, hfs_ext_keycmp); >

Re: [Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

On Wed, Aug 12, 2020 at 10:18:52AM +0200, Greg Kroah-Hartman wrote: > On Wed, Aug 12, 2020 at 03:13:06AM -0400, Peilin Ye wrote: > > On Wed, Aug 12, 2020 at 09:08:27AM +0200, Greg Kroah-Hartman wrote: > > > On Wed, Aug 12, 2020 at 02:55:56AM -0400, Peilin Ye wrote: > > > > Prevent hfs_find_init()

Re: [Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

Yeah, the patch doesn't work at all. I looked at one call tree and it is: hfs_mdb_get() tries to allocate HFS_SB(sb)->ext_tree. HFS_SB(sb)->ext_tree = hfs_btree_open(sb, HFS_EXT_CNID, hfs_ext_keycmp); hfs_btree_open() calls page = read_mapping_page(mapping,

Re: [Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

On Wed, Aug 12, 2020 at 03:13:06AM -0400, Peilin Ye wrote: > On Wed, Aug 12, 2020 at 09:08:27AM +0200, Greg Kroah-Hartman wrote: > > On Wed, Aug 12, 2020 at 02:55:56AM -0400, Peilin Ye wrote: > > > Prevent hfs_find_init() from dereferencing `tree` as NULL. > > > > > > Reported-and-tested-by: > >

Re: [Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

On Wed, Aug 12, 2020 at 09:08:27AM +0200, Greg Kroah-Hartman wrote: > On Wed, Aug 12, 2020 at 02:55:56AM -0400, Peilin Ye wrote: > > Prevent hfs_find_init() from dereferencing `tree` as NULL. > > > > Reported-and-tested-by: > > syzbot+7ca256d0da4af073b...@syzkaller.appspotmail.com > >

Re: [Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

On Wed, Aug 12, 2020 at 02:55:56AM -0400, Peilin Ye wrote: > Prevent hfs_find_init() from dereferencing `tree` as NULL. > > Reported-and-tested-by: syzbot+7ca256d0da4af073b...@syzkaller.appspotmail.com > Signed-off-by: Peilin Ye > --- > fs/hfs/bfind.c | 3 +++ > fs/hfsplus/bfind.c | 3 +++ >

[Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

Prevent hfs_find_init() from dereferencing `tree` as NULL. Reported-and-tested-by: syzbot+7ca256d0da4af073b...@syzkaller.appspotmail.com Signed-off-by: Peilin Ye --- fs/hfs/bfind.c | 3 +++ fs/hfsplus/bfind.c | 3 +++ 2 files changed, 6 insertions(+) diff --git a/fs/hfs/bfind.c