linux/fs/ext4/ext4.h at a84c872c8b306e11c95c4912f4bed7f567e901b4

mirror of https://github.com/raspberrypi/linux.git synced 2025-12-08 19:09:57 +00:00

Files

Theodore Ts'o 44dcd01ee1 ext4: fix use-after-free race in ext4_remount()'s error path

commit 33458eaba4 upstream.

It's possible for ext4_show_quota_options() to try reading
s_qf_names[i] while it is being modified by ext4_remount() --- most
notably, in ext4_remount's error path when the original values of the
quota file name gets restored.

Reported-by: syzbot+a2872d6feea6918008a9@syzkaller.appspotmail.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org # 3.2+
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2018-11-13 11:15:06 -08:00

115 KiB

Raw Blame History

View Raw

115 KiB Raw Blame History

115 KiB

Raw Blame History