Re: [PATCH] jffs2: fix kasan slab-out-of-bounds problem

2021-03-25 Thread Zhe Li
>Reviewed-by: Joakim Tjernlund
Thanks for your review.
>It would be interesting to know how you managed to create such a dir entry as that is a bug too.
We discovered this bug by performing fuzzing tests, which simulate bit flips that may occur anywhere in a flash device in real-world

Re: [PATCH] jffs2: fix kasan slab-out-of-bounds problem

2021-03-22 Thread Joakim Tjernlund
-...@lists.infradead.org; linux-kernel@vger.kernel.org
Cc: lizh...@huawei.com; wangfangpe...@huawei.com; xukunk...@huawei.com; zhongju...@huawei.com; chenj...@huawei.com
Subject: [PATCH] jffs2: fix kasan slab-out-of-bounds problem
From: lizhe
KASAN reports a slab-out-of-bounds problem. The logs are listed below

[PATCH] jffs2: fix kasan slab-out-of-bounds problem

2021-03-17 Thread Zhe Li
From: lizhe
KASAN reports a slab-out-of-bounds problem. The logs are listed below. It is because in function jffs2_scan_dirent_node, we allocate "checkedlen+1" bytes for fd->name and we check the CRC with length rd->nsize. If checkedlen is less than rd->nsize, it will cause the slab-out-of-bounds
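The length mismatch described in the patch message, reproduced as an added stand-alone C example (this is not the jffs2 code or the patch itself): a constructed on-flash dirent carries nsize bytes of name plus a CRC over those bytes; a corrupted byte puts a NUL inside the name, so strnlen() stops early, checkedlen+1 bytes are allocated for the copy, and checksumming nsize bytes of that copy would read past the allocation. The example reports how many bytes such a read would overrun and, as one way to keep the read in bounds (an assumption of this example, not necessarily the patch's exact change), checksums the source buffer rd->name, which really is nsize bytes long. The struct layout, crc32_bytes() and make_dirent() are inventions for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Table-free CRC-32 (reflected polynomial 0xEDB88320) so the example runs
 * stand-alone.  It is not the kernel's crc32(); only agreement between the
 * writer and the scanner matters here. */
static uint32_t crc32_bytes(const uint8_t *buf, size_t len)
{
    uint32_t crc = 0xFFFFFFFFu;
    for (size_t i = 0; i < len; i++) {
        crc ^= buf[i];
        for (int k = 0; k < 8; k++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Stand-in for the on-flash dirent node (constructed for this example):
 * nsize bytes of name and the CRC the writer computed over those bytes. */
struct raw_dirent {
    uint8_t  nsize;
    uint32_t name_crc;
    uint8_t  name[32];
};

struct scan_result {
    size_t checkedlen;  /* strnlen(name, nsize): where the copy stops */
    size_t alloc_len;   /* checkedlen + 1, the size of the fd->name copy */
    size_t overrun;     /* bytes a CRC over nsize bytes of the copy would read past it */
    int    crc_ok;      /* 1 if the in-bounds CRC check passed */
};

/* Mirrors the pattern from the thread: checkedlen+1 bytes are allocated for
 * the name copy while the CRC is checked over rd->nsize bytes.  The
 * out-of-bounds read is not performed; its extent is computed instead, and
 * the CRC is taken over the source buffer (an assumption of this example). */
static struct scan_result scan_dirent(const struct raw_dirent *rd)
{
    struct scan_result r;
    r.checkedlen = strnlen((const char *)rd->name, rd->nsize);
    r.alloc_len  = r.checkedlen + 1;
    r.overrun    = rd->nsize > r.alloc_len ? rd->nsize - r.alloc_len : 0;

    char *fd_name = malloc(r.alloc_len);          /* the fd->name allocation */
    if (!fd_name) { r.crc_ok = 0; return r; }
    memcpy(fd_name, rd->name, r.checkedlen);
    fd_name[r.checkedlen] = '\0';

    /* Buggy form: crc32(fd_name, rd->nsize) reads rd->nsize bytes from a
     * (checkedlen+1)-byte buffer.  rd->name is rd->nsize bytes long, so a
     * CRC over it stays in bounds and still detects the corrupted byte. */
    r.crc_ok = crc32_bytes(rd->name, rd->nsize) == rd->name_crc;
    free(fd_name);
    return r;
}

/* Builds a valid node, then optionally zeroes one name byte, as a bit flip
 * on flash can do, so that a NUL lands inside the name. */
static struct raw_dirent make_dirent(const char *name, int corrupt_byte)
{
    struct raw_dirent rd;
    memset(&rd, 0, sizeof rd);
    rd.nsize = (uint8_t)strlen(name);
    memcpy(rd.name, name, rd.nsize);
    rd.name_crc = crc32_bytes(rd.name, rd.nsize);   /* CRC as written to flash */
    if (corrupt_byte >= 0 && corrupt_byte < rd.nsize)
        rd.name[corrupt_byte] = 0;
    return rd;
}

int main(void)
{
    struct raw_dirent good = make_dirent("hello.txt", -1);
    struct raw_dirent bad  = make_dirent("hello.txt", 3);
    struct scan_result a = scan_dirent(&good), b = scan_dirent(&bad);
    printf("intact:    checkedlen=%zu alloc=%zu overrun=%zu crc_ok=%d\n",
           a.checkedlen, a.alloc_len, a.overrun, a.crc_ok);
    printf("corrupted: checkedlen=%zu alloc=%zu overrun=%zu crc_ok=%d\n",
           b.checkedlen, b.alloc_len, b.overrun, b.crc_ok);
    return 0;
}
```

With the constructed 9-byte name and a NUL written at offset 3, checkedlen is 3, the copy is 4 bytes, and a CRC over 9 bytes of it would read 5 bytes past the allocation; the in-bounds CRC still fails, so the corrupted entry is rejected without the overread.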