lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 13 Apr 2019 01:43:11 -0400
From:   Gabriel Krisman Bertazi <krisman@...labora.com>
To:     tytso@....edu
Cc:     linux-ext4@...r.kernel.org,
        Gabriel Krisman Bertazi <krisman@...labora.com>
Subject: [PATCH e2fsprogs 04/10] ext2fs: nls: Fix potential null dereference in utf8nlookup

Delay the access of data->offset until after the null check.  This was
reported by 0-day on the kernel version of the script.

Signed-off-by: Gabriel Krisman Bertazi <krisman@...labora.com>
---
 lib/ext2fs/nls_utf8-norm.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/ext2fs/nls_utf8-norm.c b/lib/ext2fs/nls_utf8-norm.c
index 5a91573f766f..4230b64bc586 100644
--- a/lib/ext2fs/nls_utf8-norm.c
+++ b/lib/ext2fs/nls_utf8-norm.c
@@ -335,7 +335,7 @@ utf8hangul(const char *str, unsigned char *hangul)
 static utf8leaf_t *utf8nlookup(const struct utf8data *data,
 			       unsigned char *hangul, const char *s, size_t len)
 {
-	utf8trie_t	*trie = utf8data + data->offset;
+	utf8trie_t	*trie = NULL;
 	int		offlen;
 	int		offset;
 	int		mask;
@@ -345,6 +345,8 @@ static utf8leaf_t *utf8nlookup(const struct utf8data *data,
 		return NULL;
 	if (len == 0)
 		return NULL;
+
+	trie = utf8data + data->offset;
 	node = 1;
 	while (node) {
 		offlen = (*trie & OFFLEN) >> OFFLEN_SHIFT;
-- 
2.20.1

Powered by blists - more mailing lists