[Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

Big Budsupply bigbudsupply1 at gmail.com
Wed Aug 12 11:42:13 UTC 2020


On Wed, 12 Aug 2020 at 09:59 Dan Carpenter <dan.carpenter at oracle.com> wrote:

> Yeah, the patch doesn't work at all.  I looked at one call tree and it
> is:
>
> hfs_mdb_get() tries to allocate HFS_SB(sb)->ext_tree.
>
>         HFS_SB(sb)->ext_tree = hfs_btree_open(sb, HFS_EXT_CNID, hfs_ext_keycmp);
>                     ^^^^^^^^
>
> hfs_btree_open() calls page = read_mapping_page(mapping, 0, NULL);
> read_mapping_page() calls mapping->a_ops->readpage() which leads to
> hfs_readpage() which leads to hfs_ext_read_extent() which calls
> res = hfs_find_init(HFS_SB(inode->i_sb)->ext_tree, &fd);
>                                          ^^^^^^^^
>
> So we need ->ext_tree to be non-NULL before we can set ->ext_tree to be
> non-NULL...  :/
>
> I wonder how long this has been broken and if we should just delete the
> AFS file system.
>
> regards,
> dan carpenter
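
The ordering problem in the quoted call tree, reduced to a userspace C model. This is an added example, not code from the thread or from the kernel: every `model_*` name, the `needs_lookup` flag and the `-EINVAL` guard are assumptions of the sketch. It shows that the pointer is assigned only after the open call returns, so any lookup made during the open sees NULL.

```c
#include <errno.h>
#include <stdlib.h>

/* Userspace model only: every name here is a hypothetical stand-in. */
struct btree { int depth; };
/* needs_lookup is an assumption: does the page-0 read reach the lookup? */
struct sb_info { struct btree *ext_tree; int needs_lookup; };

/* Stand-in for hfs_find_init(); the NULL guard is an assumed hardening. */
static int model_find_init(const struct btree *tree, int *depth_out)
{
    if (tree == NULL)
        return -EINVAL;          /* unguarded, tree->depth would fault here */
    *depth_out = tree->depth;
    return 0;
}

/* Stand-in for the readpage -> hfs_ext_read_extent() leg of the chain. */
static int model_read_page(const struct sb_info *sbi)
{
    int depth;
    return sbi->needs_lookup ? model_find_init(sbi->ext_tree, &depth) : 0;
}

/* Stand-in for hfs_btree_open(): reads page 0 before a tree exists. */
static struct btree *model_btree_open(const struct sb_info *sbi, int *err)
{
    struct btree *t;
    *err = model_read_page(sbi);     /* runs while sbi->ext_tree is NULL */
    if (*err)
        return NULL;
    t = calloc(1, sizeof(*t));
    *err = t ? 0 : -ENOMEM;
    if (t)
        t->depth = 1;
    return t;
}

/* Stand-in for the hfs_mdb_get() assignment quoted above. */
static int model_mdb_get(struct sb_info *sbi)
{
    int err;
    sbi->ext_tree = model_btree_open(sbi, &err);
    return err;
}

int main(void)
{
    struct sb_info sbi = { NULL, 1 };
    return model_mdb_get(&sbi) == -EINVAL ? 0 : 1;
}
```

In this model the guard turns the fault into an error return, but the open still fails whenever the first page read needs the tree that is being opened.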