| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 31 May 2015 18:31:04 -0700
From: Jeremiah Mahler <jmmahler@...il.com>
To: Miklos Szeredi <miklos@...redi.hu>
Cc: fuse-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org,
Jeremiah Mahler <jmmahler@...il.com>
Subject: [PATCH] fuse: avoid clobbering fc->release with fuse_conn_init(fc)
fuse_conn_init(fc) zeros the entire fc structure before it assigns
specific values. Since fc->release is set before fuse_conn_init(fc)
is called, the value gets set to zero, which results in a NULL pointer
deference when fc->release() is called. Fix the problem by assigning
fc->release after calling fuse_conn_init(fc) instead of before.
Signed-off-by: Jeremiah Mahler <jmmahler@...il.com>
Fixes: daccc092d1a2 ("fuse: initialize fc->release before calling it")
---
fs/fuse/inode.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c
index 01ff55d..2913db2 100644
--- a/fs/fuse/inode.c
+++ b/fs/fuse/inode.c
@@ -1076,8 +1076,8 @@ static int fuse_fill_super(struct super_block *sb, void *data, int silent)
if (!fc)
goto err_fput;
- fc->release = fuse_free_conn;
fuse_conn_init(fc);
+ fc->release = fuse_free_conn;
fud = fuse_dev_alloc(fc);
if (!fud)
--
2.1.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists