>Reviewed-by: Joakim Tjernlund
Thanks for your review.
>It would be interesting to know how you managed to create such a dir entry as
>that is a bug too.
We discovered this bug by performing fuzzing tests, which simulate bit flips
that may occur anywhere in a flash device in a real-world scenario
-...@lists.infradead.org;
linux-kernel@vger.kernel.org
Cc: lizh...@huawei.com; wangfangpe...@huawei.com; xukunk...@huawei.com;
zhongju...@huawei.com; chenj...@huawei.com
Subject: [PATCH] jffs2: fix kasan slab-out-of-bounds problem
From: lizhe
KASAN reports a slab-out-of-bounds problem. The logs are listed below.
It is because in function jffs2_scan_dirent_node, we alloc "checkedlen+1"
bytes for fd->name and we check crc with length rd->nsize. If checkedlen
is less than rd->nsize, it will cause the slab-out-of-bounds problem
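
The length mismatch described in this commit message, as an added user-space model that is not part of the patch or the jffs2 source: `crc_overread` reports how far a CRC over `nsize` would run past a `checkedlen + 1`-byte buffer, and `scan_dirent_bounded` shows one way to keep the CRC inside it. The struct, the function names and the choice to reject a node whose name contains an early NUL are assumptions of this example; the change the patch itself makes is not shown on this page.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Added user-space model, not jffs2 source; all names are hypothetical. */
struct raw_dirent {
    uint8_t  nsize;            /* name length claimed by the node (untrusted) */
    uint32_t name_crc;         /* CRC stored for the name */
    char     name[256];        /* name bytes as read from flash */
};

static uint32_t crc32_sw(uint32_t crc, const void *buf, size_t len)
{                              /* bitwise reflected CRC-32, poly 0xEDB88320 */
    const uint8_t *p = buf;
    while (len--) {
        crc ^= *p++;
        for (int k = 0; k < 8; k++)
            crc = (crc >> 1) ^ (0xEDB88320u & -(crc & 1u));
    }
    return crc;
}

static size_t checked_len(const struct raw_dirent *rd)
{                              /* same result as strnlen(rd->name, rd->nsize) */
    const char *nul = memchr(rd->name, 0, rd->nsize);
    return nul ? (size_t)(nul - rd->name) : rd->nsize;
}

/* Bytes a CRC over rd->nsize would read past a (checkedlen + 1)-byte buffer. */
size_t crc_overread(const struct raw_dirent *rd)
{
    size_t alloc = checked_len(rd) + 1;
    return rd->nsize > alloc ? rd->nsize - alloc : 0;
}

/* Bounded scan: 0 = accepted, -1 = rejected; the CRC never leaves the copy. */
int scan_dirent_bounded(const struct raw_dirent *rd)
{
    size_t checkedlen = checked_len(rd);
    if (checkedlen < rd->nsize)
        return -1;             /* NUL inside the claimed name: treat as corrupt */
    char *name = calloc(1, checkedlen + 1);
    if (!name)
        return -1;
    memcpy(name, rd->name, checkedlen);
    uint32_t crc = crc32_sw(0, name, checkedlen);  /* length matches buffer */
    free(name);
    return crc == rd->name_crc ? 0 : -1;
}
```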