git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Dmitry Antipov <dmantipov@yandex.ru>
	Mon, 13 Oct 2025 10:37:09 +0000 (13:37 +0300)
committer	Andrew Morton <akpm@linux-foundation.org>
	Wed, 12 Nov 2025 18:00:15 +0000 (10:00 -0800)
commit	aa5b6a72ccd9fad2d2ed875631f6aca6b0633d80
tree	6eae37671525e96a14663a0c007c4614595a4147	tree
parent	37ade54f386c829597f74b54bad335c12bd2a698	commit \| diff

ocfs2: add directory size check to ocfs2_find_dir_space_id()

Fix a null-pointer-deref which was detected by UBSAN:

KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
CPU: 0 UID: 0 PID: 5317 Comm: syz-executor310 Not tainted 6.15.0-syzkaller-12141-gec7714e49479 #0 PREEMPT(full)

In 'ocfs2_find_dir_space_id()', add extra check whether the directory data
block is large enough to hold at least one directory entry, and raise
'ocfs2_error()' if the former is unexpectedly small.

Link: https://lkml.kernel.org/r/20251013103709.146001-1-dmantipov@yandex.ru
Reported-by: syzbot+ded9116588a7b73c34bc@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=ded9116588a7b73c34bc
Signed-off-by: Dmitry Antipov <dmantipov@yandex.ru>
Reviewed-by: Heming Zhao <heming.zhao@suse.com>
Cc: Joseph Qi <jiangqi903@gmail.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Changwei Ge <gechangwei@live.cn>
Cc: Jun Piao <piaojun@huawei.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>