Re: [Bug] UBSAN: shift-out-of-bounds in sg_build_indirect

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, Apr 13, 2024 at 6:49 AM Bart Van Assche <bvanassche@xxxxxxx> wrote:
>
> On 4/10/24 6:17 PM, Sam Sun wrote:
> > On Wed, Apr 10, 2024 at 12:59 AM Bart Van Assche <bvanassche@xxxxxxx> wrote:
> >>
> >> On 4/9/24 05:51, Sam Sun wrote:
> >>> We further analyzed the root cause of this bug. In function
> >>> sg_build_indirect of drivers/scsi/sg.c, variable order of line 1900 is
> >>> calculated out using get_order(num), and num comes from
> >>> scatter_elem_sz. If scatter_elem_sz is equal or below zero, the order
> >>> returned will be 52, so that PAGE_SHIFT + order is 64, which is larger
> >>> than 32 bits int range, causing shift-out-of bound. This bug is tested
> >>> and still remains in the latest upstream linux (6.9-rc3).
> >>> If you have any questions, please contact us.
> >>
> >> Thank you for having root-caused this issue and also for having shared
> >> your root-cause analysis. Do you perhaps plan to post a patch that fixes
> >> this issue?
> >
> > Sure, I am glad to help! But it is my first time submitting a patch, I
> > need to find some instructions. I would appreciate if you could help
> > me out. Also, I need to double check the patch to avoid introducing a
> > new one. It might take some time.
>
> The process for contributing a patch is as follows:
> 1. Clone the Linux kernel tree for the subsystem you want to contribute
>     to. For SCSI, this is the for-next branch in
>     git://git.kernel.org/pub/scm/linux/kernel/git/mkp/scsi.git
> 2. Make your changes to the code.
> 3. Commit your changes (git commit -as), chose a patch title and explain
>     what has been changed and also why.
> 4. Convert your changes into a patch, e.g. by running this command:
>       git format-patch -1
> 5. Check the patch with scripts/checkpatch.pl.
> 6. Send your patch with git send-email to Martin Petersen and Cc the
>     linux-scsi mailing list.
>
> More information is available here:
> https://docs.kernel.org/process/submitting-patches.html
>
> Best regards,
>
> Bart.

Thanks for your help! I will follow the instructions and submit the
patch as soon as possible.

Best Regards,
Yue
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [SCSI Target Devel]     [Linux SCSI Target Infrastructure]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Samba]     [Device Mapper]

  Powered by Linux