From: Matthew Wilcox <willy@infradead.org>
To: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: akpm@linux-foundation.org, linux-fsdevel@vger.kernel.org,
Tigran Aivazian <aivazian.tigran@gmail.com>,
syzbot <syzbot+71c6b5d68e91149fc8a4@syzkaller.appspotmail.com>
Subject: Re: [PATCH] bfs: add sanity check at bfs_fill_super().
Date: Wed, 9 May 2018 17:53:21 -0700 [thread overview]
Message-ID: <20180510005321.GA4903@bombadil.infradead.org> (raw)
In-Reply-To: <1525862104-3407-1-git-send-email-penguin-kernel@I-love.SAKURA.ne.jp>
On Wed, May 09, 2018 at 07:35:04PM +0900, Tetsuo Handa wrote:
> syzbot is reporting too large memory allocation at bfs_fill_super() [1].
> Since file system image is corrupted such that bfs_sb->s_start == 0,
> bfs_fill_super() is trying to allocate 8MB of continuous memory. Fix this
> by adding a sanity check on bfs_sb->s_start, __GFP_NOWARN and printf().
>
> [1] https://syzkaller.appspot.com/bug?id=16a87c236b951351374a84c8a32f40edbc034e96
Looking at that C reproducer, it looks like it's trying to fuzz filesystem
images:
https://syzkaller.appspot.com/text?tag=ReproC&x=15b834a7800000
Do we really want this? I was under the impression that we simply do not
care about attackers who have control of the media, and having syzbot
generate thousands of bugs that nobody will work on is not a good use
of anybody's time.
prev parent reply other threads:[~2018-05-10 0:53 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-09 10:35 [PATCH] bfs: add sanity check at bfs_fill_super() Tetsuo Handa
2018-05-09 23:06 ` Andrew Morton
[not found] ` <201805092346.w49NkINl045657@www262.sakura.ne.jp>
2018-05-09 23:53 ` Andrew Morton
2018-06-13 13:33 ` Tetsuo Handa
2018-06-13 13:49 ` Tigran Aivazian
2018-06-13 16:00 ` Dmitry Vyukov
2018-06-14 12:23 ` Tigran Aivazian
2018-06-14 12:38 ` Dmitry Vyukov
2018-06-14 13:05 ` Tigran Aivazian
2018-06-14 13:12 ` Dmitry Vyukov
2018-06-14 13:28 ` Tetsuo Handa
2018-06-14 15:13 ` Tigran Aivazian
2018-06-14 16:15 ` Tigran Aivazian
2018-06-14 19:00 ` Tigran Aivazian
2018-06-14 22:18 ` Tetsuo Handa
2018-06-15 10:45 ` Tigran Aivazian
2018-06-13 22:09 ` Tetsuo Handa
2018-06-14 7:38 ` Tigran Aivazian
2018-06-14 10:45 ` Tetsuo Handa
2018-06-14 12:11 ` Tigran Aivazian
2018-05-10 0:53 ` Matthew Wilcox [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180510005321.GA4903@bombadil.infradead.org \
--to=willy@infradead.org \
--cc=aivazian.tigran@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=penguin-kernel@I-love.SAKURA.ne.jp \
--cc=syzbot+71c6b5d68e91149fc8a4@syzkaller.appspotmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.