]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
jfs: fix array-index-out-of-bounds read in add_missing_indices
authorAditya Dutt <duttaditya18@gmail.com>
Tue, 1 Apr 2025 15:29:16 +0000 (20:59 +0530)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 27 Jun 2025 10:05:29 +0000 (11:05 +0100)
commit44618bee303bed151ef3a525ff79fbd7689593b5
treee2f27cc362971be90dfa03549bd8874399259bd5
parente3bb0c5a30719677758320371a9f075717c4c887
jfs: fix array-index-out-of-bounds read in add_missing_indices

[ Upstream commit 5dff41a86377563f7a2b968aae00d25b4ceb37c9 ]

stbl is s8 but it must contain offsets into slot which can go from 0 to
127.

Added a bound check for that error and return -EIO if the check fails.
Also make jfs_readdir return with error if add_missing_indices returns
with an error.

Reported-by: syzbot+b974bd41515f770c608b@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com./bug?extid=b974bd41515f770c608b
Signed-off-by: Aditya Dutt <duttaditya18@gmail.com>
Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
fs/jfs/jfs_dtree.c