Re: KASAN: use-after-free Read in crypto_aead_free_instance

From: syzbot
Date: Wed Dec 20 2017 - 04:55:43 EST


On Wednesday, 20 December 2017, 10:50:10 CET, Dmitry Vyukov wrote:

Hi Dmitry,

On Wed, Dec 20, 2017 at 10:29 AM, Stephan Mueller <smueller@xxxxxxxxxx>
wrote:
> On Wednesday, 20 December 2017, 10:19:43 CET, Dmitry Vyukov wrote:
>
> Hi Dmitry,
>
>> > This issue vanishes after applying the patch "[PATCH v2] crypto: AF_ALG -
>> > limit mask and type".
>>
>> Hi Stephan,
>>
>> syzbot does not understand arbitrary English prose, it only understands
>> this:
>> > Once a fix for this bug is merged into any tree, reply to this email
>> > with:
>> > #syz fix: exact-commit-title
>>
>> Let's tell it about the fix:
>>
>> #syz fix: crypto: AF_ALG - limit mask and type
>
> I have seen that this is the approach, but the fix is not yet in the tree.
> I just want to let folks know that there is a patch.

Ah, ok, sorry. It's just difficult to tell when there is a reason to
not provide the tag right now, or when people don't know about
them or ignore them.
If the patch is merged with this title, then there is nothing else to
do. If it's merged under a different title, a new "#syz fix:" tag will
override the old one.

Maybe you can teach syzkaller that there is a proposed fix? E.g.

#syz proposed: commit-title

unknown command "proposed:"



Ciao
Stephan