git.ipfire.org Git - thirdparty/kernel/stable.git/commitdiff
fs/ntfs3: fix KMSAN uninit-value in ni_create_attr_list
author Nirbhay Sharma <nirbhay.lkd@gmail.com>
Mon, 6 Oct 2025 22:38:04 +0000 (04:08 +0530)
committer Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
Mon, 10 Nov 2025 13:30:15 +0000 (14:30 +0100)
The call to kmalloc() to allocate the attribute list buffer is given a
size of al_aligned(rs). This size can be larger than the data
subsequently copied into the buffer, leaving trailing bytes uninitialized.

This can trigger a KMSAN "uninit-value" warning if that memory is
later accessed.

Fix this by using kzalloc() instead, which ensures the entire
allocated buffer is zero-initialized, preventing the warning.

Reported-by: syzbot+83c9dd5c0dcf6184fdbf@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=83c9dd5c0dcf6184fdbf
Signed-off-by: Nirbhay Sharma <nirbhay.lkd@gmail.com>
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
fs/ntfs3/frecord.c

index e441811855265956577f9eeed00739d76393a0f1..c3638f4823934f9c3895aa7b1b31a71a0bcf9fdd 100644 (file)
@@ -767,7 +767,7 @@ int ni_create_attr_list(struct ntfs_inode *ni)
         * Skip estimating exact memory requirement.
         * Looks like one record_size is always enough.
         */
-       le = kmalloc(al_aligned(rs), GFP_NOFS);
+       le = kzalloc(al_aligned(rs), GFP_NOFS);
        if (!le)
                return -ENOMEM;
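Review bot: the comment above the allocation still only justifies the size ("Looks like one record_size is always enough"), so nothing at the `le = kzalloc(al_aligned(rs), GFP_NOFS);` line records that the buffer now has to be zero-filled. Consider extending that comment to say that the bytes between the copied attribute list and al_aligned(rs) can be read later and must therefore be initialized; otherwise a later cleanup could switch back to kmalloc(). The commit message says the warning fires "if that memory is later accessed" without naming the access; identifying that reader would let a reviewer confirm that zero padding is the intended content, rather than the reader using a length larger than the data actually written. The trailers also carry no Fixes: tag, which would help decide how far back this needs to go.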