linux-xfs.vger.kernel.org archive mirror
* [Bug 200925] New: null pointer dereference in xfs_dir_isempty()
From: bugzilla-daemon @ 2018-08-24 13:35 UTC (permalink / raw)
  To: linux-xfs

https://bugzilla.kernel.org/show_bug.cgi?id=200925

            Bug ID: 200925
           Summary: null pointer dereference in xfs_dir_isempty()
           Product: File System
           Version: 2.5
    Kernel Version: 4.18
          Hardware: All
                OS: Linux
              Tree: Mainline
            Status: NEW
          Severity: normal
          Priority: P1
         Component: XFS
          Assignee: filesystem_xfs@kernel-bugs.kernel.org
          Reporter: wen.xu@gatech.edu
        Regression: No

Created attachment 278069
  --> https://bugzilla.kernel.org/attachment.cgi?id=278069&action=edit
poc.c

- Reproduce
# mkdir mnt
# mount -t xfs 79.img mnt
# gcc 79.c
# ./a.out ./mnt

- Kernel message
Check attachment: 79.log

- Reason
https://elixir.bootlin.com/linux/latest/source/fs/xfs/libxfs/xfs_dir2.c#L185
        sfp = (xfs_dir2_sf_hdr_t *)dp->i_df.if_u1.if_data;
        return !sfp->count;
Missing checks on sfp.

Reported by Wen Xu (wen.xu@gatech.edu) from SSLab.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
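
The missing check named in the report above, as an added user-space example (not part of the original report and not the kernel's code or its eventual fix). The struct layouts, field names and return codes are simplified assumptions that model only what the two quoted lines touch.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified stand-ins (assumptions, not the kernel's definitions). */
struct sf_hdr {              /* models xfs_dir2_sf_hdr_t */
    uint8_t count;           /* number of shortform entries */
    uint8_t i8count;
    uint8_t parent[4];
};

struct dir_inode {           /* models the data fork fields used here */
    size_t fork_bytes;       /* bytes actually held in the inline fork */
    void  *if_data;          /* inline fork buffer; NULL if never filled */
};

enum { DIR_NOT_EMPTY = 0, DIR_EMPTY = 1, DIR_CORRUPT = -1 };

/* Pattern quoted in the report: the fork pointer is trusted as-is. */
int dir_isempty_unchecked(const struct dir_inode *dp)
{
    const struct sf_hdr *sfp = dp->if_data;
    return !sfp->count;      /* faults when if_data is NULL */
}

/* Same question, but the pointer and length are validated first. */
int dir_isempty_checked(const struct dir_inode *dp)
{
    const struct sf_hdr *sfp = dp->if_data;

    if (sfp == NULL)                      /* fork never populated */
        return DIR_CORRUPT;
    if (dp->fork_bytes < sizeof(*sfp))    /* too short to hold a header */
        return DIR_CORRUPT;
    return sfp->count == 0 ? DIR_EMPTY : DIR_NOT_EMPTY;
}

int main(void)
{
    /* Constructed inputs: a valid empty header and a missing fork. */
    struct sf_hdr hdr = { 0, 0, { 0 } };
    struct dir_inode good = { sizeof(hdr), &hdr };
    struct dir_inode bad  = { 0, NULL };

    printf("valid empty dir -> %d\n", dir_isempty_checked(&good));
    printf("missing fork    -> %d\n", dir_isempty_checked(&bad));
    return 0;
}
```

Returning a distinct corruption code lets the caller fail the operation on a crafted image instead of treating the directory as empty or non-empty.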


* [Bug 200925] null pointer dereference in xfs_dir_isempty()
From: bugzilla-daemon @ 2018-08-24 13:36 UTC (permalink / raw)
  To: linux-xfs

https://bugzilla.kernel.org/show_bug.cgi?id=200925

--- Comment #1 from Wen Xu (wen.xu@gatech.edu) ---
Created attachment 278071
  --> https://bugzilla.kernel.org/attachment.cgi?id=278071&action=edit
The (compressed) crafted image which causes crash


* [Bug 200925] null pointer dereference in xfs_dir_isempty()
From: bugzilla-daemon @ 2018-08-24 13:36 UTC (permalink / raw)
  To: linux-xfs

https://bugzilla.kernel.org/show_bug.cgi?id=200925

--- Comment #2 from Wen Xu (wen.xu@gatech.edu) ---
Created attachment 278073
  --> https://bugzilla.kernel.org/attachment.cgi?id=278073&action=edit
kernel log
