lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sat, 26 Jun 2010 11:58:10 -0400
From:	Jeff Layton <jlayton@...ba.org>
To:	Andrew Hendry <andrew.hendry@...il.com>
Cc:	linux-kernel <linux-kernel@...r.kernel.org>,
	linux-cifs@...r.kernel.org
Subject: Re: 2.6.34-rc3 BUG: unable to handle kernel NULL pointer
 dereference  at 0000000000000048 cifs_show_options

On Sat, 26 Jun 2010 22:22:00 +1000
Andrew Hendry <andrew.hendry@...il.com> wrote:

> I have turned on cifs debug to try to catch it if happens again.
> 
> (gdb) list *(cifs_show_options+0xf9)
> 0x309 is in cifs_show_options (fs/cifs/cifsfs.c:336).
> 331	static void
> 332	cifs_show_address(struct seq_file *s, struct TCP_Server_Info *server)
> 333	{
> 334		seq_printf(s, ",addr=");
> 335	
> 336		switch (server->addr.sockAddr.sin_family) {
> 337		case AF_INET:
> 338			seq_printf(s, "%pI4", &server->addr.sockAddr.sin_addr.s_addr);
> 339			break;
> 340		case AF_INET6:
> 
> 
> 
> 

Thanks, that helps. It looks like the "server" pointer in that function
was NULL or something close to it. Those should be properly refcounted
nowadays and that hasn't changed in quite a while. This function only
gets called from one place -- cifs_show_options. So something was
reading /proc/self/mountinfo and this pointer got zeroed out. Maybe
this raced with an unmount and the memory was recycled? Doesn't seem
like that ought to be possible though (I think vfsmount references are
held for each of these calls).

-- 
Jeff Layton <jlayton@...ba.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ