Re: [RESEND PATCH] ext4: fix use-after-free Read in ext4_find_extent for bigalloc + inline

From: Theodore Ts'o
Date: Sun Apr 30 2023 - 13:59:46 EST

Next message: Theodore Ts'o: "Re: [PATCH v2] ext4: Fix i_disksize exceeding i_size problem in paritally written case"
Previous message: Theodore Ts'o: "Re: [PATCH] ext4: Fix unused iterator variable warnings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 06 Apr 2023 11:16:27 +0000, Tudor Ambarus wrote:
> Syzbot found the following issue:
> loop0: detected capacity change from 0 to 2048
> EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none.
> ==================================================================
> BUG: KASAN: use-after-free in ext4_ext_binsearch_idx fs/ext4/extents.c:768 [inline]
> BUG: KASAN: use-after-free in ext4_find_extent+0x76e/0xd90 fs/ext4/extents.c:931
> Read of size 4 at addr ffff888073644750 by task syz-executor420/5067
>
> [...]

Applied, thanks!

[1/1] ext4: fix use-after-free Read in ext4_find_extent for bigalloc + inline
commit: 835659598c67907b98cd2aa57bb951dfaf675c69

Best regards,
--
Theodore Ts'o <tytso@xxxxxxx>

Next message: Theodore Ts'o: "Re: [PATCH v2] ext4: Fix i_disksize exceeding i_size problem in paritally written case"
Previous message: Theodore Ts'o: "Re: [PATCH] ext4: Fix unused iterator variable warnings"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]