Commit c691e6bb authored by Manas Ghandat's avatar Manas Ghandat Committed by ZhaoLong Wang
Browse files

jfs: fix array-index-out-of-bounds in dbAdjTree 

stable inclusion
from stable-v4.19.307
commit 3d3898b4d72c677d47fe3cb554449f2df5c12555
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I96GQ3
CVE: CVE-2023-52601

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3d3898b4d72c677d47fe3cb554449f2df5c12555

--------------------------------

[ Upstream commit 74ecdda68242b174920fe7c6133a856fb7d8559b ]

Currently there is a bound check missing in the dbAdjTree while
accessing the dmt_stree. To add the required check added the bool is_ctl
which is required to determine the size as suggest in the following
commit.
https://lore.kernel.org/linux-kernel-mentees/f9475918-2186-49b8-b801-6f0f9e75f4fa@oracle.com/



Reported-by: default avatar <syzbot+39ba34a099ac2e9bd3cb@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=39ba34a099ac2e9bd3cb


Signed-off-by: default avatarManas Ghandat <ghandatmanas@gmail.com>
Signed-off-by: default avatarDave Kleikamp <dave.kleikamp@oracle.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarZhaoLong Wang <wangzhaolong1@huawei.com>
parent 7875dd00
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment