Commit f970feaa authored Nov 19, 2024 by Konstantin Komarov Committed by Yongjian Sun Nov 19, 2024

fs/ntfs3: Additional check in ni_clear()

mainline inclusion
from mainline-v6.12-rc3
commit d178944db36b3369b78a08ba520de109b89bf2a9
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IB37AT
CVE: CVE-2024-50244

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d178944db36b3369b78a08ba520de109b89bf2a9



--------------------------------

Checking of NTFS_FLAGS_LOG_REPLAYING added to prevent access to
uninitialized bitmap during replay process.

Reported-by:  <syzbot+3bfd2cc059ab93efcdb4@syzkaller.appspotmail.com>
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
Conflicts:
	fs/ntfs3/frecord.c
[Context differences.]
Signed-off-by: Yongjian Sun <sunyongjian1@huawei.com>

parent 576c8cd1

fs/ntfs3/frecord.c

+2 −1

Original line number	Diff line number	Diff line
		@@ -101,7 +101,8 @@ void ni_clear(struct ntfs_inode *ni)
		{
		struct rb_node *node;

		if (!ni->vfs_inode.i_nlink && is_rec_inuse(ni->mi.mrec))
		if (!ni->vfs_inode.i_nlink && is_rec_inuse(ni->mi.mrec) &&
		!(ni->mi.sbi->flags & NTFS_FLAGS_LOG_REPLAYING))
		ni_delete_all(ni);

		al_destroy(ni);