2023-06-05 21:50 GMT+09:00, 張智諺 <cc85nod@xxxxxxxxx>:
> Hello, Namjae Jeon,
>
> After fuzzing for hours, this bug is not triggered,
Thanks for your confirmation! Let me know if you have any other issues with your fuzzer.
>
> Thanks!
>
> Namjae Jeon <linkinjeon@xxxxxxxxxx> wrote on Mon, Jun 5, 2023 at 1:01 AM:
>
>> 2023-06-04 3:44 GMT+09:00, 張智諺 <cc85nod@xxxxxxxxx>:
>> > Hello, Namjae Jeon,
>> Hi Chih-Yen,
>>
>> Could you please check if your issue is fixed?
>>
>> Thanks!
>> >
>> > The root cause of this bug is the same as
>> > 3ff6bb18ebaa5458a877b47bf7dbe99100a4ff31 (ksmbd: validate smb request
>> > protocol id), but it occurs in compound requests.
>> >
>> > [ 8.912659] BUG: KASAN: slab-out-of-bounds in smb2_sess_setup+0x3ac/0x1a70
>> > [ 8.913081] Read of size 4 at addr ffff88800ac8bb34 by task kworker/0:0/7
>> > ...
>> > [ 8.914963] Call Trace:
>> > [ 8.915121] <TASK>
>> > [ 8.915261] dump_stack_lvl+0x33/0x50
>> > [ 8.915498] print_report+0xcc/0x620
>> > [ 8.916242] kasan_report+0xae/0xe0
>> > [ 8.916717] kasan_check_range+0x35/0x1b0
>> > [ 8.916965] smb2_sess_setup+0x3ac/0x1a70
>> > [ 8.918634] handle_ksmbd_work+0x282/0x820
>> > [ 8.918898] process_one_work+0x419/0x760
>> > [ 8.919151] worker_thread+0x2a2/0x6f0
>> > [ 8.919655] kthread+0x187/0x1d0
>> > [ 8.920165] ret_from_fork+0x1f/0x30
>> > [ 8.920397] </TASK>
>> >
>> > Thanks. Regards
>> >
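Added example, not ksmbd code and not part of the thread above: a standalone user-space C walker that shows the check the quoted root-cause note refers to. Every header in an SMB2 compound chain, not only the first one, has to be bounds-checked and have its ProtocolId and StructureSize validated before the command handler (here SESSION_SETUP) touches its fields. Header offsets follow the MS-SMB2 layout (ProtocolId at 0, StructureSize at 4, Command at 12, NextCommand at 20); the sample buffers, the `put_hdr` builder and the `strict` switch are constructed for illustration only and use no ksmbd interfaces.

```c
/* Added example: validating every chained header of an SMB2 compound
 * request. Standalone C, not ksmbd code; no kernel interfaces are used. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define SMB2_HDR_SIZE   64u
#define SMB2_NEGOTIATE  0x0000u
#define SMB2_SESS_SETUP 0x0001u

static const uint8_t SMB2_PROTO_ID[4] = { 0xFE, 'S', 'M', 'B' };

static uint16_t rd16(const uint8_t *p)
{
    return (uint16_t)(p[0] | (p[1] << 8));
}

static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Check one 64-byte SMB2 header at hdr with `avail` bytes remaining. */
static int smb2_check_hdr(const uint8_t *hdr, size_t avail)
{
    if (avail < SMB2_HDR_SIZE)
        return 0;                                  /* header is truncated */
    if (memcmp(hdr, SMB2_PROTO_ID, sizeof SMB2_PROTO_ID) != 0)
        return 0;                                  /* not an SMB2 header */
    if (rd16(hdr + 4) != SMB2_HDR_SIZE)
        return 0;                                  /* StructureSize must be 64 */
    return 1;
}

/* Walk a compound request. strict=1 validates every chained header;
 * strict=0 (the weak pattern) validates only the first one. Returns the
 * number of commands found, or -1 if the request must be rejected. */
int smb2_walk_compound(const uint8_t *buf, size_t len, int strict)
{
    size_t off = 0;
    int count = 0;

    for (;;) {
        size_t avail = len - off;
        const uint8_t *hdr = buf + off;

        if (avail < SMB2_HDR_SIZE)
            return -1;                             /* header runs off the buffer */
        if ((strict || off == 0) && !smb2_check_hdr(hdr, avail))
            return -1;
        count++;

        uint32_t next = rd32(hdr + 20);            /* NextCommand */
        if (next == 0)
            return count;                          /* last command in the chain */
        if (next < SMB2_HDR_SIZE || (next & 7) != 0 || next > avail)
            return -1;                             /* misaligned or out of bounds */
        off += next;
    }
}

/* Constructed helper: emit a minimal header with the fields we care about. */
static void put_hdr(uint8_t *p, int good_proto, uint16_t cmd, uint32_t next)
{
    memset(p, 0, SMB2_HDR_SIZE);
    memcpy(p, SMB2_PROTO_ID, sizeof SMB2_PROTO_ID);
    if (!good_proto)
        p[0] = 0x00;                               /* corrupt ProtocolId */
    p[4] = (uint8_t)SMB2_HDR_SIZE;                 /* StructureSize, LE */
    p[12] = (uint8_t)(cmd & 0xff);  p[13] = (uint8_t)(cmd >> 8);
    p[20] = (uint8_t)(next & 0xff); p[21] = (uint8_t)((next >> 8) & 0xff);
    p[22] = (uint8_t)((next >> 16) & 0xff); p[23] = (uint8_t)((next >> 24) & 0xff);
}

#define CMD_STRIDE (SMB2_HDR_SIZE + 8)             /* header + 8-byte body, 8-aligned */
#define SAMPLE_LEN (2 * CMD_STRIDE)

/* Constructed sample 1: NEGOTIATE chained to a well-formed SESSION_SETUP. */
int sample_good_chain(int strict)
{
    uint8_t buf[SAMPLE_LEN] = {0};
    put_hdr(buf, 1, SMB2_NEGOTIATE, CMD_STRIDE);
    put_hdr(buf + CMD_STRIDE, 1, SMB2_SESS_SETUP, 0);
    return smb2_walk_compound(buf, sizeof buf, strict);
}

/* Constructed sample 2: the chained SESSION_SETUP header has a bogus ProtocolId. */
int sample_bad_second_hdr(int strict)
{
    uint8_t buf[SAMPLE_LEN] = {0};
    put_hdr(buf, 1, SMB2_NEGOTIATE, CMD_STRIDE);
    put_hdr(buf + CMD_STRIDE, 0, SMB2_SESS_SETUP, 0);
    return smb2_walk_compound(buf, sizeof buf, strict);
}

/* Constructed sample 3: NextCommand is aligned but leaves only 8 bytes for the next header. */
int sample_next_past_end(int strict)
{
    uint8_t buf[SAMPLE_LEN] = {0};
    put_hdr(buf, 1, SMB2_NEGOTIATE, SAMPLE_LEN - 8);
    return smb2_walk_compound(buf, sizeof buf, strict);
}

int main(void)
{
    printf("good chain:     strict=%d lax=%d\n", sample_good_chain(1), sample_good_chain(0));
    printf("bad 2nd header: strict=%d lax=%d\n", sample_bad_second_hdr(1), sample_bad_second_hdr(0));
    printf("next past end:  strict=%d lax=%d\n", sample_next_past_end(1), sample_next_past_end(0));
    return 0;
}
```

The second sample is the shape of the problem in the thread: with the first-header-only check (`strict=0`) the walker happily reports two commands and would hand the corrupted second header to the SESSION_SETUP handler, whereas the per-header check rejects the whole request. The third sample shows why the NextCommand bound must be checked against the remaining length before the next header is read at all.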