lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Tue, 22 Apr 2008 23:28:12 +0200 (CEST)
From:	Jesper Juhl <jesper.juhl@...il.com>
To:	Roman Zippel <zippel@...ux-m68k.org>
cc:	linux-kernel@...r.kernel.org,
	Ardis Technologies <roman@...istech.com>,
	Brad Boyer <flar@...andria.com>,
	Jesper Juhl <jesper.juhl@...il.com>
Subject: [PATCH] hfsplus: in case match_strdup() fails to alloc mem in
 hfsplus_parse_options(), don't blow up.

From: Jesper Juhl <jesper.juhl@...il.com>

The Coverity checker spotted that we do not check the return value of
match_strdup() in fs/hfsplus/options.c::hfsplus_parse_options().
This is bad since match_strdup() does a memory allocation internally
which can fail. If it does fail it will return NULL and in that case
we will pass the NULL pointer on to load_nls() which will eventually
dereference it --> BOOM!
Much better to check the return value, fail gracefully and log an
error message in case this happens.

Signed-off-by: Jesper Juhl <jesper.juhl@...il.com>
---

 options.c |    4 ++++
 1 file changed, 4 insertions(+)

diff --git a/fs/hfsplus/options.c b/fs/hfsplus/options.c
index dc64fac..c9c2f86 100644
--- a/fs/hfsplus/options.c
+++ b/fs/hfsplus/options.c
@@ -132,6 +132,10 @@ int hfsplus_parse_options(char *input, struct hfsplus_sb_info *sbi)
 				return 0;
 			}
 			p = match_strdup(&args[0]);
+			if (!p) {
+				printk(KERN_ERR "hfs: match_strdup() memory allocation failed\n");
+				return 0;
+			}
 			sbi->nls = load_nls(p);
 			if (!sbi->nls) {
 				printk(KERN_ERR "hfs: unable to load nls mapping \"%s\"\n", p);


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ