Re: [PATCH] hfs/hfsplus: Clean up unused variables in bnode.c

2017-10-17 Thread Ernesto A . Fernández
On Sat, Oct 14, 2017 at 11:32:26AM +0100, Christos Gkekas wrote: > Delete variables 'tree' and 'sb', which are set but never used. > > Signed-off-by: Christos Gkekas <chris.ge...@gmail.com> Looks good. If it helps you can add: Reviewed-by: Ernesto A. Fernández <ernesto.mnd.f

Re: Mounting corrupted HFS+ causes kernel NULL pointer dereference

2018-06-12 Thread Ernesto A . Fernández
48 8b 2f 85 c0 0f 84 89 00 00 00 49 89 fc 48 8d > 75 6c > [1.651492] RIP: hfsplus_bnode_put+0x9/0xc0 RSP: b750409b7a58 > [1.651583] CR2: 0043 > [ 1.651851] ---[ end trace d164982d45c0eb53 ]--- > > (full log attached) > > And when I mount hfspl

Re: Mounting corrupted HFS+ causes kernel NULL pointer dereference

2018-06-03 Thread Ernesto A . Fernández
Hi, thank you for your report. On Sun, Jun 03, 2018 at 06:52:19PM +0300, Anatoly Trosinenko wrote: > How to reproduce: > 1. Take kernel source v4.17-rc7 > 2. Compile it with the config attached > 3. Unpack and mount the attached FS image as hfsplus. We are aware of this issue and I've sent some

Re: Mounting corrupted HFS+ causes kernel NULL pointer dereference

2018-06-29 Thread Ernesto A . Fernández
Hi again: A patch for your original report has already been added to the -mm tree. On Tue, Jun 12, 2018 at 09:43:26PM +0300, Anatoly Trosinenko wrote: > Now, when mounting the attached hfsplus_16mb_segv to /mnt and > performing `dd if=/dev/zero of=/mnt/xyz bs=567879 count=1` I get > > [

Re: Mounting corrupted HFS+ causes kernel NULL pointer dereference

2018-06-29 Thread Ernesto A . Fernández
On Fri, Jun 29, 2018 at 03:45:43PM -0300, Ernesto A. Fernández wrote: > Hi again: > > A patch for your original report has already been added to the -mm tree. > > On Tue, Jun 12, 2018 at 09:43:26PM +0300, Anatoly Trosinenko wrote: > > Now, when mounting the attached hfsp

Re: [PATCH] hfsplus: don't return 0 when fill_super() failed

2018-06-20 Thread Ernesto A . Fernández
d-off-by: Tetsuo Handa > Reported-by: syzbot > Cc: Al Viro It's been too long. I think I should give up on my patch. Maybe a review can help your version get merged. Reviewed-by: Ernesto A. Fernández > --- > fs/hfsplus/super.c | 4 +++- > 1 file changed, 3 insertions(+), 1 de

Re: Mounting corrupted HFS+ causes kernel NULL pointer dereference

2018-07-09 Thread Ernesto A . Fernández
On Tue, Jun 12, 2018 at 09:43:26PM +0300, Anatoly Trosinenko wrote: > And when I mount hfsplus_16mb_hang and perform `echo > /mnt/xyz`, it hangs. I just sent you a patch for this final report. Let me know if it works for you.

Re: Mounting corrupted HFS+ causes kernel NULL pointer dereference

2018-07-10 Thread Ernesto A . Fernández
ing blocks. > > Thanks, > Anatoly OK, I'll take a look at the truncation error codes as soon as I'm done with the other deadlocks I found. It could take a while. Thanks for the testing. Ernest > Mon, Jul 9, 2018 at 23:35, Ernesto A. Fernández > : > > > > On Tue, Jun

Re: [PATCH] hfs: fix array out of bounds read of array extent

2018-10-17 Thread Ernesto A . Fernández
erityScan, CID#711541 ("Out of bounds read") > > Fixes: d1081202f1d0 ("HFS rewrite") > Signed-off-by: Colin Ian King I don't think this got picked up yet; let's see if I can help. Reviewed-by: Ernesto A. Fernández > --- > fs/hfs/extent.c | 2 +- > 1 file

Re: [PATCH] hfs: fix array out of bounds read of array extent

2018-10-17 Thread Ernesto A . Fernández
On Wed, Oct 17, 2018 at 03:01:17PM -0700, Andrew Morton wrote: > On Fri, 31 Aug 2018 15:05:38 +0100 Colin King > wrote: > > > From: Colin Ian King > > > > Currently extent and index i are both being incremented causing > > an array out of bounds read on extent[i]. Fix this by removing > > the

Re: [PATCH] hfsplus: stop workqueue when fill_super() failed

2018-05-15 Thread Ernesto A . Fernández
On Tue, May 15, 2018 at 07:11:06PM +0900, Tetsuo Handa wrote: > From ffd64dcf946502e7bb1d23c021ee9a4fc92f9312 Mon Sep 17 00:00:00 2001 > From: Tetsuo Handa > Date: Tue, 15 May 2018 12:23:03 +0900 > Subject: [PATCH] hfsplus: stop workqueue when fill_super() failed > > syzbot is reporting ODEBUG

Re: [PATCH] hfs/hfsplus: Clean up unused variables in bnode.c

2017-10-17 Thread Ernesto A . Fernández
On Sat, Oct 14, 2017 at 11:32:26AM +0100, Christos Gkekas wrote: > Delete variables 'tree' and 'sb', which are set but never used. > > Signed-off-by: Christos Gkekas Looks good. If it helps you can add: Reviewed-by: Ernesto A. Fernández > --- > fs/hfs/bnode.c | 4 ---

Re: [Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

2020-08-12 Thread Ernesto A . Fernández
Hi, On Wed, Aug 12, 2020 at 11:59:04AM +0300, Dan Carpenter wrote: > Yeah, the patch doesn't work at all. I looked at one call tree and it > is: > > hfs_mdb_get() tries to allocate HFS_SB(sb)->ext_tree. > > HFS_SB(sb)->ext_tree = hfs_btree_open(sb, HFS_EXT_CNID, hfs_ext_keycmp); >

Re: [Linux-kernel-mentees] [PATCH] hfs, hfsplus: Fix NULL pointer dereference in hfs_find_init()

2020-08-12 Thread Ernesto A . Fernández
On Wed, Aug 12, 2020 at 05:24:20PM -0300, Ernesto A. Fernández wrote: > If that's what the reproducer is about, I think just returning an error is > reasonable. I guess it would be better to put a check inside hfsplus_inode_read_fork(), to verify that the first extent is always in the right

Re: [PATCH 2/2] hfsplus: add a check for hfs_bnode_find

2019-10-16 Thread Ernesto A . Fernández
Hi, On Wed, Oct 16, 2019 at 08:06:20PM +0800, Chuhong Yuan wrote: > hfs_brec_update_parent misses a check for hfs_bnode_find and may miss > the failure. > Add a check for it like what is done in again. > > Signed-off-by: Chuhong Yuan > --- > fs/hfsplus/brec.c | 2 ++ > 1 file changed, 2

Re: [PATCH 2/2] hfsplus: add a check for hfs_bnode_find

2019-10-17 Thread Ernesto A . Fernández
On Thu, Oct 17, 2019 at 09:30:20AM +0800, Chuhong Yuan wrote: > On Thu, Oct 17, 2019 at 8:07 AM Ernesto A. Fernández > wrote: > > > > Hi, > > > > On Wed, Oct 16, 2019 at 08:06:20PM +0800, Chuhong Yuan wrote: > > > hfs_brec_update_parent misses

[ANNOUNCE] Read-only APFS module

2019-01-21 Thread Ernesto A . Fernández
Hi: We've been working on a read-only module for the Apple File System. It's reasonably full-featured (no compression or encryption yet) but not very well tested, so I'm hoping to find some interested users. Questions and criticism are welcome. Git tree:
