diff options
author | Andrew Morton <akpm@linux-foundation.org> | 2023-02-26 21:31:11 +0100 |
---|---|---|
committer | Andrew Morton <akpm@linux-foundation.org> | 2023-03-03 06:54:23 +0100 |
commit | 3e35102666f873a135d31a726ac1ec8af4905206 (patch) | |
tree | 5cc7a3e85aa9f517ae57710b438306a7178a38fd | |
parent | fs: hfsplus: fix UAF issue in hfsplus_put_super (diff) | |
download | linux-3e35102666f873a135d31a726ac1ec8af4905206.tar.xz linux-3e35102666f873a135d31a726ac1ec8af4905206.zip |
fs/cramfs/inode.c: initialize file_ra_state
file_ra_state_init() assumes that the file_ra_state has been zeroed out.
Fixes a KMSAN used-unintialized issue (at least).
Fixes: cf948cbc35e80 ("cramfs: read_mapping_page() is synchronous")
Reported-by: syzbot <syzbot+8ce7f8308d91e6b8bbe2@syzkaller.appspotmail.com>
Link: https://lkml.kernel.org/r/0000000000008f74e905f56df987@google.com
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Nicolas Pitre <nico@fluxnic.net>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
-rw-r--r-- | fs/cramfs/inode.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/cramfs/inode.c b/fs/cramfs/inode.c index e3d168911dbe..006ef68d7ff6 100644 --- a/fs/cramfs/inode.c +++ b/fs/cramfs/inode.c @@ -183,7 +183,7 @@ static void *cramfs_blkdev_read(struct super_block *sb, unsigned int offset, unsigned int len) { struct address_space *mapping = sb->s_bdev->bd_inode->i_mapping; - struct file_ra_state ra; + struct file_ra_state ra = {}; struct page *pages[BLKS_PER_BUF]; unsigned i, blocknr, buffer; unsigned long devsize; |