diff options
| author | Dongliang Mu <mudongliangabcd@gmail.com> | 2022-03-22 14:38:39 -0700 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2022-04-15 14:14:55 +0200 |
| commit | 07793d2e55563124108762f4e5f811db92ffe02f (patch) | |
| tree | 3b7dc20f802930bbac0dc4a62e800ddd24efff93 /fs | |
| parent | 0d3a6926f7e8be3c897fa46216ce13b119a9f56a (diff) | |
| download | linux-stable-07793d2e55563124108762f4e5f811db92ffe02f.tar.gz linux-stable-07793d2e55563124108762f4e5f811db92ffe02f.tar.bz2 linux-stable-07793d2e55563124108762f4e5f811db92ffe02f.zip | |
ntfs: add sanity check on allocation size
[ Upstream commit 714fbf2647b1a33d914edd695d4da92029c7e7c0 ]
ntfs_read_inode_mount invokes ntfs_malloc_nofs with zero allocation
size. It triggers one BUG in the __ntfs_malloc function.
Fix this by adding sanity check on ni->attr_list_size.
Link: https://lkml.kernel.org/r/20220120094914.47736-1-dzm91@hust.edu.cn
Reported-by: syzbot+3c765c5248797356edaa@syzkaller.appspotmail.com
Signed-off-by: Dongliang Mu <mudongliangabcd@gmail.com>
Acked-by: Anton Altaparmakov <anton@tuxera.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/ntfs/inode.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/fs/ntfs/inode.c b/fs/ntfs/inode.c index e844b43f2eac..0acd1f02b146 100644 --- a/fs/ntfs/inode.c +++ b/fs/ntfs/inode.c @@ -1906,6 +1906,10 @@ int ntfs_read_inode_mount(struct inode *vi) } /* Now allocate memory for the attribute list. */ ni->attr_list_size = (u32)ntfs_attr_size(a); + if (!ni->attr_list_size) { + ntfs_error(sb, "Attr_list_size is zero"); + goto put_err_out; + } ni->attr_list = ntfs_malloc_nofs(ni->attr_list_size); if (!ni->attr_list) { ntfs_error(sb, "Not enough memory to allocate buffer " |