On Tue, Apr 30, 2024 at 10:53 AM Greg KH gregkh@linuxfoundation.org wrote:
On Tue, Apr 30, 2024 at 11:48:54AM +0800, Jingbo Xu wrote:
From: Amir Goldstein amir73il@gmail.com
commit 37f32f52643869131ec01bb69bdf9f404f6109fb upstream.
On failure to parse parameters in ovl_parse_param_lowerdir(), it is necessary to update ctx->nr with the correct nr before using ovl_reset_lowerdirs() to release l->name.
Reported-and-tested-by: syzbot+26eedf3631650972f17c@syzkaller.appspotmail.com Fixes: c835110b588a ("ovl: remove unused code in lowerdir param parsing") Co-authored-by: Edward Adam Davis eadavis@qq.com Signed-off-by: Amir Goldstein amir73il@gmail.com Signed-off-by: Jingbo Xu jefflexu@linux.alibaba.com
Commit c835110b588a ("ovl: remove unused code in lowerdir param parsing") was back ported to 6.6.y as a "Stable-dep-of" of commit 2824083db76c ("ovl: Always reject mounting over case-insensitive directories"), while omitting the fix for commit c835110b588a itself. Maybe that is because by the time commit 37f32f526438 (the fix) is merged into master branch, commit c835110b588a has not been back ported to 6.6.y yet.
This is strange. The 6.6 backports were posted by Sasha on Mar 2024. The omitted fix was merged in Nov 2023.
Sasha,
Do you understand what went wrong?
Thanks, Amir.