This series fixes all syzbot bugs in the minix filesystem: KASAN: null-ptr-deref Write in get_block KASAN: use-after-free Write in get_block KASAN: use-after-free Read in get_block WARNING in inc_nlink KMSAN: uninit-value in get_block WARNING in drop_nlink It also fixes the minix filesystem to set s_maxbytes correctly, so that userspace sees the correct behavior when exceeding the max file size. Al or Andrew: one of you will need to take these patches, since no one is maintaining this filesystem. Eric Biggers (6): fs/minix: check return value of sb_getblk() fs/minix: don't allow getting deleted inodes fs/minix: reject too-large maximum file size fs/minix: set s_maxbytes correctly fs/minix: fix block limit check for V1 filesystems fs/minix: remove expected error message in block_to_path() fs/minix/inode.c | 42 +++++++++++++++++++++++++++++++++++++---- fs/minix/itree_common.c | 8 +++++++- fs/minix/itree_v1.c | 12 ++++++------ fs/minix/itree_v2.c | 13 ++++++------- fs/minix/minix.h | 1 - 5 files changed, 57 insertions(+), 19 deletions(-) -- 2.27.0
