lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20070428181523.GX31925@holomorphy.com>
Date:	Sat, 28 Apr 2007 11:15:23 -0700
From:	William Lee Irwin III <wli@...omorphy.com>
To:	Akinobu Mita <akinobu.mita@...il.com>
Cc:	linux-kernel@...r.kernel.org, akpm@...ux-foundation.org
Subject: Re: [PATCH] hugetlbfs: add NULL check in hugetlb_zero_setup()

On Sun, Apr 29, 2007 at 01:29:48AM +0900, Akinobu Mita wrote:
> If hugetlbfs module_init() fails, hugetlbfs_vfsmount
> is not initialized and shmget() with SHM_HUGETLB flag will
> cause NULL pointer dereference.
> Cc: William Irwin <wli@...omorphy.com>
> Signed-off-by: Akinobu Mita <akinobu.mita@...il.com>
> Index: 2.6-mm/fs/hugetlbfs/inode.c
> ===================================================================
> --- 2.6-mm.orig/fs/hugetlbfs/inode.c
> +++ 2.6-mm/fs/hugetlbfs/inode.c
> @@ -740,6 +740,9 @@ struct file *hugetlb_zero_setup(size_t s
>  	char buf[16];
>  	static atomic_t counter;
>  
> +	if (!hugetlbfs_vfsmount)
> +		return ERR_PTR(-ENOENT);
> +
>  	if (!can_do_hugetlb_shm())
>  		return ERR_PTR(-EPERM);

Putting some thought into this, the failure to set up the vfsmount
for shm should be reported noisily, the failure to register the
filesystem should be noticed so as not to oops later in the init
function (I guess one could panic() if he wanted to), and the
attempt at kern_mount() should be conditional on SysV IPC.

I'll take this check, which should be made no matter what, and do
a patch for the init function along the lines described above if
you don't do it yourself first. I don't need the patch credits, so
feel free to grab the free patch line if you want it.

Acked-by: William Irwin <bill.irwin@...cle.com>


-- wli
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ