Re: [syzbot] [btrfs?] KASAN: slab-out-of-bounds Read in getname_kernel (2)

From: Edward Adam Davis
Date: Mon Jan 15 2024 - 18:59:06 EST

Next message: Jakub Kicinski: "Re: [PATCH] connector: Change the judgment conditions for clearing proc_event_num_listeners"
Previous message: kernel test robot: "Re: [PATCH v6 6/7] mm: Defer TLB flush by keeping both src and dst folios at migration"
In reply to: syzbot: "Re: [syzbot] [btrfs?] KASAN: slab-out-of-bounds Read in getname_kernel (2)"
Next in thread: syzbot: "Re: [syzbot] [btrfs?] KASAN: slab-out-of-bounds Read in getname_kernel (2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

please test slab-out-of-bounds Read in getname_kernel

#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 3bd7d7488169

diff --git a/fs/btrfs/dev-replace.c b/fs/btrfs/dev-replace.c
index 1502d664c892..7a1d3c7a895b 100644
--- a/fs/btrfs/dev-replace.c
+++ b/fs/btrfs/dev-replace.c
@@ -741,6 +741,7 @@ int btrfs_dev_replace_by_ioctl(struct btrfs_fs_info *fs_info,
if ((args->start.srcdevid == 0 && args->start.srcdev_name[0] == '\0') ||
args->start.tgtdev_name[0] == '\0')
return -EINVAL;
+ args->start.tgtdev_name[BTRFS_PATH_NAME_MAX] = '\0';

ret = btrfs_dev_replace_start(fs_info, args->start.tgtdev_name,
args->start.srcdevid,

Next message: Jakub Kicinski: "Re: [PATCH] connector: Change the judgment conditions for clearing proc_event_num_listeners"
Previous message: kernel test robot: "Re: [PATCH v6 6/7] mm: Defer TLB flush by keeping both src and dst folios at migration"
In reply to: syzbot: "Re: [syzbot] [btrfs?] KASAN: slab-out-of-bounds Read in getname_kernel (2)"
Next in thread: syzbot: "Re: [syzbot] [btrfs?] KASAN: slab-out-of-bounds Read in getname_kernel (2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]