Commit 46498e5b authored by Juntong Deng's avatar Juntong Deng Committed by Yifan Qiao
Browse files

fs/jfs: Add validity check for db_maxag and db_agpref 

stable inclusion
from stable-v5.10.202
commit c6c8863fb3f57700ab583d875adda04caaf2278a
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9RG40
CVE: CVE-2023-52804

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=c6c8863fb3f57700ab583d875adda04caaf2278a



--------------------------------

[ Upstream commit 64933ab7b04881c6c18b21ff206c12278341c72e ]

Both db_maxag and db_agpref are used as the index of the
db_agfree array, but there is currently no validity check for
db_maxag and db_agpref, which can lead to errors.

The following is related bug reported by Syzbot:

UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:639:20
index 7936 is out of range for type 'atomic_t[128]'

Add checking that the values of db_maxag and db_agpref are valid
indexes for the db_agfree array.

Reported-by: default avatar <syzbot+38e876a8aa44b7115c76@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=38e876a8aa44b7115c76


Signed-off-by: default avatarJuntong Deng <juntong.deng@outlook.com>
Signed-off-by: default avatarDave Kleikamp <dave.kleikamp@oracle.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarWang Hai <wanghai38@huawei.com>
Signed-off-by: default avatarYifan Qiao <qiaoyifan4@huawei.com>
parent e4828f7d
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment