Re: [syzbot] [hfs?] KMSAN: uninit-value in hfsplus_bnode_find
From: Edward Adam Davis
Date: Tue Apr 14 2026 - 20:52:52 EST
#syz test
diff --git a/fs/hfsplus/bnode.c b/fs/hfsplus/bnode.c
index 250a226336ea..56a046ba4d54 100644
--- a/fs/hfsplus/bnode.c
+++ b/fs/hfsplus/bnode.c
@@ -576,7 +576,10 @@ struct hfs_bnode *hfs_bnode_find(struct hfs_btree *tree, u32 num)
goto node_error;
}
- rec_off = tree->node_size - 2;
+ if (tree->node_size < 2)
+ goto node_error;
+ else
+ rec_off = tree->node_size - 2;
off = hfs_bnode_read_u16(node, rec_off);
if (off != sizeof(struct hfs_bnode_desc))
goto node_error;