hamza.kesraoui/sst-linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5fed5f6de3
sst-linux/fs
History
Yuezhang Mo 83048539a7 exfat: fix the infinite loop in exfat_find_last_cluster() 
[ Upstream commit b0522303f67255926b946aa66885a0104d1b2980 ]

In exfat_find_last_cluster(), the cluster chain is traversed until
the EOF cluster. If the cluster chain includes a loop due to file
system corruption, the EOF cluster cannot be traversed, resulting
in an infinite loop.

If the number of clusters indicated by the file size is inconsistent
with the cluster chain length, exfat_find_last_cluster() will return
an error, so if this inconsistency is found, the traversal can be
aborted without traversing to the EOF cluster.

Reported-by: syzbot+f7d147e6db52b1e09dba@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=f7d147e6db52b1e09dba
Tested-by: syzbot+f7d147e6db52b1e09dba@syzkaller.appspotmail.com
Fixes: 31023864e6 ("exfat: add fat entry operations")
Signed-off-by: Yuezhang Mo <Yuezhang.Mo@sony.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-04-10 14:33:37 +02:00
..
9p fs/9p: fix uninitialized values during inode evict 2024-11-22 15:37:34 +01:00
adfs
affs
afs afs: Fix the server_list to unuse a displaced server rather than putting it 2025-03-07 16:56:43 +01:00
autofs autofs: fix memory leak of waitqueues in autofs_catatonic_mode 2023-09-23 11:10:59 +02:00
befs
bfs
btrfs btrfs: fix hole expansion when writing at an offset beyond EOF 2025-02-21 13:50:06 +01:00
cachefiles cachefiles: Fix NULL pointer dereference in object->file 2025-02-21 13:49:54 +01:00
ceph ceph: give up on paths longer than PATH_MAX 2025-01-17 13:34:36 +01:00
coda
configfs
cramfs
crypto fs: Create a generic is_dot_dotdot() utility 2024-10-17 15:21:17 +02:00
debugfs debugfs: fix automount d_fsdata usage 2024-01-20 11:50:04 +01:00
devpts
dlm fs: dlm: don't put dlm_local_addrs on heap 2024-02-16 19:06:29 +01:00
ecryptfs fs: Create a generic is_dot_dotdot() utility 2024-10-17 15:21:17 +02:00
efivarfs efivarfs: Fix error on non-existent file 2024-12-27 13:52:55 +01:00
efs
erofs erofs: handle NONHEAD !delta[1] lclusters gracefully 2025-01-23 17:17:17 +01:00
exfat exfat: fix the infinite loop in exfat_find_last_cluster() 2025-04-10 14:33:37 +02:00
exportfs exportfs: use pr_debug for unreachable debug statements 2024-03-06 14:45:15 +00:00
ext2 ext2: Verify bitmap and itable block numbers before using them 2024-08-03 08:49:32 +02:00
ext4 ext4: fix access to uninitialised lock in fc replay path 2025-02-01 18:30:10 +01:00
f2fs f2fs: fix to wait dio completion 2025-02-21 13:50:12 +01:00
fat fat: fix uninitialized variable 2024-10-22 15:56:43 +02:00
freevxfs
fscache netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING 2024-12-14 19:53:15 +01:00
fuse fuse: fix dax truncate/punch_hole fault path 2025-04-10 14:33:36 +02:00
gfs2 gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag 2025-02-01 18:30:09 +01:00
hfs hfs: Sanity check the root record 2025-01-23 17:17:11 +01:00
hfsplus hfsplus: don't query the device logical block size multiple times 2024-12-14 19:53:16 +01:00
hostfs
hpfs
hugetlbfs mm/hugetlb: add hugetlb_folio_subpool() helpers 2024-05-17 11:55:51 +02:00
iomap iomap: avoid avoid truncating 64-bit offset to 32 bits 2025-01-23 17:17:12 +01:00
isofs isofs: fix KMSAN uninit-value bug in do_isofs_readdir() 2025-04-10 14:33:35 +02:00
jbd2 jbd2: flush filesystem device before updating tail sequence 2025-01-17 13:34:37 +01:00
jffs2 jffs2: Fix rtime decompressor 2024-12-14 19:54:52 +01:00
jfs jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree 2024-12-14 19:54:43 +01:00
kernfs kernfs: fix false-positive WARN(nr_mmapped) in kernfs_drain_open_files 2024-08-29 17:30:35 +02:00
lockd nfsd: stop setting ->pg_stats for unused stats 2024-08-19 06:00:04 +02:00
minix
netfs netfs: Only call folio_start_fscache() one time for each folio 2023-10-06 14:56:32 +02:00
nfs NFSv4: Don't trigger uneccessary scans for return-on-close delegations 2025-04-10 14:33:36 +02:00
nfs_common
nfsd NFSD: fix hang in nfsd4_shutdown_callback 2025-02-21 13:49:56 +01:00
nilfs2 nilfs2: handle errors that nilfs_prepare_chunk() may return 2025-03-13 12:53:25 +01:00
nls fs/nls: make load_nls() take a const parameter 2023-09-13 09:42:22 +02:00
notify fsnotify: fix sending inotify event with unexpected filename 2024-12-14 19:53:59 +01:00
ntfs
ntfs3 fs/ntfs3: Fix a couple integer overflows on 32bit systems 2025-04-10 14:33:36 +02:00
ocfs2 ocfs2: validate l_tree_depth to avoid out-of-bounds access 2025-04-10 14:33:36 +02:00
omfs
openpromfs openpromfs: finish conversion to the new mount API 2024-06-12 11:03:03 +02:00
orangefs orangefs: fix a oob in orangefs_debug_write 2025-02-21 13:50:00 +01:00
overlayfs ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up 2025-03-07 16:56:42 +01:00
proc fs/procfs: fix the comment above proc_pid_wchan() 2025-04-10 14:33:37 +02:00
pstore pstore/blk: trivial typo fixes 2025-02-21 13:48:53 +01:00
qnx4
qnx6
quota quota: flush quota_release_work upon quota writeback 2024-12-14 19:54:10 +01:00
ramfs
reiserfs reiserfs: fix uninit-value in comp_keys 2024-08-29 17:30:20 +02:00
romfs
smb ksmbd: fix incorrect validation for num_aces field of smb_acl 2025-03-28 21:59:01 +01:00
squashfs Squashfs: check the inode number is not the invalid value of zero 2025-03-07 16:56:51 +01:00
sysfs fs: sysfs: Fix reference leak in sysfs_break_active_protection() 2024-04-27 17:07:16 +02:00
sysv sysv: don't call sb_bread() with pointers_lock held 2024-04-13 13:05:05 +02:00
tracefs tracefs: Add missing lockdown check to tracefs_create_dir() 2023-09-23 11:11:12 +02:00
ubifs ubifs: skip dumping tnc tree when zroot is null 2025-02-21 13:49:21 +01:00
udf udf: Fix directory iteration for longer tail extents 2024-12-27 13:53:01 +01:00
ufs
unicode Revert "unicode: Don't special case ignorable code points" 2024-12-14 19:54:50 +01:00
vboxsf vboxsf: fix building with GCC 15 2025-03-28 21:58:51 +01:00
verity fsverity: skip PKCS#7 parser when keyring is empty 2023-09-13 09:43:03 +02:00
xfs xfs: give xfs_extfree_intent its own perag reference 2025-03-28 21:59:02 +01:00
zonefs zonefs: Improve error handling 2024-02-23 09:12:45 +01:00
aio.c fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion 2024-04-03 15:19:42 +02:00
anon_inodes.c
attr.c attr: block mode changes of symlinks 2023-09-23 11:11:10 +02:00
bad_inode.c
binfmt_elf_fdpic.c fs: binfmt_elf_efpic: don't use missing interpreter's properties 2024-08-29 17:30:35 +02:00
binfmt_elf_test.c
binfmt_elf.c ELF: fix kernel.randomize_va_space double read 2024-09-12 11:10:19 +02:00
binfmt_flat.c binfmt_flat: Fix integer overflow bug on 32 bit systems 2025-02-21 13:49:39 +01:00
binfmt_misc.c binfmt_misc: cleanup on filesystem umount 2024-08-29 17:30:30 +02:00
binfmt_script.c Merge branch 'akpm' (patches from Andrew) 2020-06-04 19:18:29 -07:00
buffer.c
char_dev.c
compat_binfmt_elf.c
coredump.c
d_path.c
dax.c fsdax: dax_unshare_iter needs to copy entire blocks 2024-11-08 16:26:42 +01:00
dcache.c fs: better handle deep ancestor chains in is_subdir() 2024-07-25 09:49:18 +02:00
direct-io.c
drop_caches.c
eventfd.c eventfd: prevent underflow for eventfd semaphores 2023-09-13 09:42:27 +02:00
eventpoll.c epoll: Add synchronous wakeup support for ep_poll_callback 2024-12-27 13:53:01 +01:00
exec.c exec: fix up /proc/pid/comm in the execveat(AT_EMPTY_PATH) case 2025-02-21 13:49:29 +01:00
fcntl.c fs: Fix file_set_fowner LSM hook inconsistencies 2024-10-17 15:21:23 +02:00
fhandle.c do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak 2024-03-26 18:20:27 -04:00
file_table.c fs: fix proc_handler for sysctl_nr_open 2025-02-21 13:48:53 +01:00
file.c fs: fix missing declaration of init_files 2025-01-23 17:17:11 +01:00
filesystems.c
fs_context.c vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing 2023-09-13 09:42:28 +02:00
fs_parser.c
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c writeback, cgroup: switch inodes with dirty timestamps to release dying cgwbs 2023-11-20 11:51:50 +01:00
fsopen.c
init.c
inode.c fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name 2024-12-14 19:53:13 +01:00
internal.h nfs: use vfs setgid helper 2023-08-30 16:11:10 +02:00
ioctl.c lsm: new security_file_ioctl_compat() hook 2024-01-31 16:17:00 -08:00
Kconfig
Kconfig.binfmt
kernel_read_file.c
libfs.c
locks.c filelock: Fix fcntl/close race recovery compat path 2024-07-27 11:32:19 +02:00
Makefile
mbcache.c ext4: fix deadlock due to mbcache entry corruption 2023-01-07 11:12:02 +01:00
mount.h
mpage.c
namei.c fuse: don't truncate cached, mutated symlink 2025-03-28 21:58:53 +01:00
namespace.c mount: handle OOM on mnt_warn_timestamp_expiry 2024-10-17 15:20:37 +02:00
no-block.c
nsfs.c
open.c openat2: explicitly return -E2BIG for (usize > PAGE_SIZE) 2024-11-01 01:56:06 +01:00
pipe.c fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() 2024-04-10 16:28:30 +02:00
pnode.c
pnode.h
posix_acl.c
proc_namespace.c
read_write.c
readdir.c
remap_range.c
select.c hrtimer: Use and report correct timerslack values for realtime tasks 2025-03-28 21:58:48 +01:00
seq_file.c
signalfd.c
splice.c mm: merge folio_has_private()/filemap_release_folio() call pairs 2024-01-10 17:10:31 +01:00
stack.c
stat.c
statfs.c
super.c fs: don't allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT 2024-08-03 08:49:53 +02:00
sync.c
sysctls.c
timerfd.c
userfaultfd.c Fix userfaultfd_api to return EINVAL as expected 2024-07-18 13:18:41 +02:00
utimes.c
xattr.c