Re: [PATCH] jfs: Fix array-index-out-of-bounds in diFree

From: Jeongjun Park
Date: Thu Apr 25 2024 - 10:29:55 EST

Next message: Kory Maincent: "Re: [PATCH net-next v3 0/3] net: pse-pd: Fixes for few small issues"
Previous message: Steven Price: "Re: [PATCH] drm/panthor: Add defer probe for firmware load"
In reply to: Dave Kleikamp: "Re: [PATCH] jfs: Fix array-index-out-of-bounds in diFree"
Next in thread: Matthew Wilcox: "Re: [PATCH] jfs: Fix array-index-out-of-bounds in diFree"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Matthew Wilcox wrote:
> It should be checked earlier than this. There's this code in
> dbMount(). Why isn't this catching it?

This vulnerability occurs because a very large value can be passed
to iagp->agstart. So that code doesn't prevent the vulnerability.

Next message: Kory Maincent: "Re: [PATCH net-next v3 0/3] net: pse-pd: Fixes for few small issues"
Previous message: Steven Price: "Re: [PATCH] drm/panthor: Add defer probe for firmware load"
In reply to: Dave Kleikamp: "Re: [PATCH] jfs: Fix array-index-out-of-bounds in diFree"
Next in thread: Matthew Wilcox: "Re: [PATCH] jfs: Fix array-index-out-of-bounds in diFree"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]