[Bug 1824981] Re: cifs set_oplock buffer overflow in strcat

Christoph Probst Wed, 24 Apr 2019 08:51:17 -0700

The "NULL pointer dereference" bug create state D pocesses waiting in
call_rwsem_down_write_failed.


[  +0.000341] genesplicer     D    0 53349  52579 0x80000000
[  +0.000362] Call Trace:
[  +0.000346]  __schedule+0x291/0x8a0
[  +0.000348]  ? mempool_free+0x2f/0x90
[  +0.000347]  schedule+0x2c/0x80
[  +0.000356]  rwsem_down_write_failed+0x169/0x360
[  +0.000344]  ? is_size_safe_to_change+0x3c/0xd0 [cifs]
[  +0.000339]  call_rwsem_down_write_failed+0x17/0x30
[  +0.000336]  ? call_rwsem_down_write_failed+0x17/0x30
[  +0.000332]  down_write+0x2d/0x40
[  +0.000331]  cifs_new_fileinfo+0xc3/0x3a0 [cifs]
[  +0.000332]  cifs_open+0x3db/0x8d0 [cifs]
[  +0.000329]  do_dentry_open+0x1c2/0x310
[  +0.000360]  ? cifs_uncached_writev_complete+0x3f0/0x3f0 [cifs]
[  +0.000340]  ? do_dentry_open+0x1c2/0x310
[  +0.000337]  ? __inode_permission+0x5b/0x160
[  +0.000342]  ? cifs_uncached_writev_complete+0x3f0/0x3f0 [cifs]
[  +0.000353]  vfs_open+0x4f/0x80
[  +0.000334]  path_openat+0x66e/0x1770
[  +0.000335]  do_filp_open+0x9b/0x110
[  +0.000331]  ? __check_object_size+0xaf/0x1b0
[  +0.000332]  do_sys_open+0x1bb/0x2c0
[  +0.000329]  ? do_sys_open+0x1bb/0x2c0
[  +0.000327]  SyS_openat+0x14/0x20
[  +0.000325]  do_syscall_64+0x73/0x130
[  +0.000352]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
[  +0.000338] RIP: 0033:0x14620e613c8e
[  +0.000333] RSP: 002b:00007ffcc83c3d30 EFLAGS: 00000246 ORIG_RAX: 
0000000000000101
[  +0.000344] RAX: ffffffffffffffda RBX: 000055e697d33260 RCX: 000014620e613c8e
[  +0.000356] RDX: 0000000000000000 RSI: 00007ffcc83c41c0 RDI: 00000000ffffff9c
[  +0.000338] RBP: 000055e6965d798b R08: 0000000000000000 R09: 0000000000000000
[  +0.000338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[  +0.000337] R13: 000055e6965d798b R14: 0000000000000000 R15: 0000000000000000

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1824981

Title:
  cifs set_oplock buffer overflow in strcat

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1824981/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1824981] Re: cifs set_oplock buffer overflow in strcat

Reply via email to