From 1dac8c7a01e2bdd35cb04eb4901ddb157291ac2d Mon Sep 17 00:00:00 2001
From: Aleksandr Nogikh <nogikh@google.com>
Date: Tue, 3 Jan 2023 12:34:55 +0100
Subject: executor: better prevent the panic on ext4 errors (#3604)

We already suppress them, but the current approach fails if syzkaller
slightly corrupts the options string. Do the check more rigorously.
---
 executor/common_linux.h | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'executor/common_linux.h')

diff --git a/executor/common_linux.h b/executor/common_linux.h
index dd48b570c..64e3f8fb5 100644
--- a/executor/common_linux.h
+++ b/executor/common_linux.h
@@ -3044,7 +3044,15 @@ static long syz_mount_image(
 	} else if (strncmp(fs, "ext", 3) == 0) {
 		// For ext2/3/4 we have to have errors=continue because the image
 		// can contain errors=panic flag and can legally crash kernel.
-		if (strstr(opts, "errors=panic") || strstr(opts, "errors=remount-ro") == 0)
+		bool has_remount_ro = false;
+		char* remount_ro_start = strstr(opts, "errors=remount-ro");
+		if (remount_ro_start != NULL) {
+			// syzkaller can sometimes break the options format, so we have to make sure this option can really be parsed.
+			char after = *(remount_ro_start + strlen("errors=remount-ro"));
+			char before = remount_ro_start == opts ? '\0' : *(remount_ro_start - 1);
+			has_remount_ro = ((before == '\0' || before == ',') && (after == '\0' || after == ','));
+		}
+		if (strstr(opts, "errors=panic") || !has_remount_ro)
 			strcat(opts, ",errors=continue");
 	} else if (strcmp(fs, "xfs") == 0) {
 		// For xfs we need nouuid because xfs has a global uuids table
-- 
cgit mrf-deployment