| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Nov 2011 10:19:39 -0500
From: Ted Ts'o <tytso@....edu>
To: Namjae Jeon <linkinjeon@...il.com>
Cc: linux-kernel@...r.kernel.org, linux-ext4@...r.kernel.org
Subject: Re: [PATCH v2] ext4: fix NULL pointer dereference from orig_data
in fill_super and remount.
On Mon, Nov 07, 2011 at 11:01:51PM +0900, Namjae Jeon wrote:
> Fix NULL pointer dereference from orig_data in fill_super and remount.
>
> Signed-off-by: Namjae Jeon <linkinjeon@...il.com>
Um, did you even try to test this patch before submitting it?
#1: kstrdup() return NULL if data is NULL
#2: The kernel's printk and sprintf functions will translate
sprintf(buf, "%s", NULL) by filling in the string "NULL"
#3: The only use of orig_data is a cosmetic one, of printing out
the mount options which are passed in.
#4: If the user doesn't specify any mount options, data is NULL, and
your patch would cause those mounts to fail with ENOMEM.
In summary, there is no problem here; a pendant might complain that
it's possible for data to be non-NULL, and for orig_data to be null of
the kstrdup failed, but in that case, other memory allocations done
later in ext4_fill_super() will almost have certainly failed, so in
practice won't get as far as the printk.
- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists