| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 26 Feb 2009 16:18:29 -0600
From: Eric Sandeen <sandeen@...hat.com>
To: Jim Meyering <jim@...ering.net>
CC: linux-ext4@...r.kernel.org
Subject: Re: [PATCH] Don't dereference NULL upon slashless module dependency
line.
Jim Meyering wrote:
> * probe.c (check_for_modules): Skip current line if it has no slash.
>
> Signed-off-by: Jim Meyering <meyering@...hat.com>
> ---
> I found this by inspection while looking for the cause of
> a recent rawhide/nash segfault.
>
> lib/blkid/probe.c | 5 +++--
> 1 files changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/lib/blkid/probe.c b/lib/blkid/probe.c
> index 76763ae..f5fff6b 100644
> --- a/lib/blkid/probe.c
> +++ b/lib/blkid/probe.c
> @@ -225,8 +225,9 @@ static int check_for_modules(const char *fs_name)
> *cp = 0;
> else
> continue;
> - if ((cp = strrchr(buf, '/')) != NULL)
> - cp++;
> + if ((cp = strrchr(buf, '/')) == NULL)
> + continue;
> + cp++;
> i = strlen(cp);
> if (i > 3) {
> t = cp + i - 3;
> --
oops, I missed that Jim sent this (or just didn't remember w/ my
goldfish brain)
OTOH the other patch I sent is probably a bit better, it gets both
pieces of duplicated(!) code, and doeesn't skip these lines in
modules.dep, it just skips the pre-"/"-stripping ...
-Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists