diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2023-05-11 17:48:45 +0300 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2023-07-19 17:35:19 +0300 |
commit | 9c8a0dd056faee7f50475c7de49ccfe1af8d149c (patch) | |
tree | 5bc49d69ad1a656c0b980049a0d5f123a5dcb985 | |
parent | f2832652160c354c6fa7774f5d2d5a92b66bd312 (diff) | |
download | linux-9c8a0dd056faee7f50475c7de49ccfe1af8d149c.tar.xz |
reiserfs: Initialize sec->length in reiserfs_security_init().
[ Upstream commit d031f4e8b493df299123fbb4ec13db870584ed28 ]
syzbot is reporting that sec->length is not initialized.
Since security_inode_init_security() returns 0 when initxattrs is provided
but call_int_hook(inode_init_security) returned -EOPNOTSUPP, control will
reach to "if (sec->length && ...) {" without initializing sec->length.
Reported-by: syzbot <syzbot+00a3779539a23cbee38c@syzkaller.appspotmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=00a3779539a23cbee38c
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Fixes: 52ca4b6435a4 ("reiserfs: Switch to security_inode_init_security()")
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-rw-r--r-- | fs/reiserfs/xattr_security.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/reiserfs/xattr_security.c b/fs/reiserfs/xattr_security.c index 6e0a099dd788..078dd8cc312f 100644 --- a/fs/reiserfs/xattr_security.c +++ b/fs/reiserfs/xattr_security.c @@ -67,6 +67,7 @@ int reiserfs_security_init(struct inode *dir, struct inode *inode, sec->name = NULL; sec->value = NULL; + sec->length = 0; /* Don't add selinux attributes on xattrs - they'll never get used */ if (IS_PRIVATE(dir)) |