| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 28 Aug 2010 17:19:57 -0400 From: Eric Paris <eparis@...hat.com> To: Csaba Henk <csaba@...ster.com> Cc: linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/2] fsnotify: fix NULL dereference in send_to_group() On Sun, 2010-08-29 at 00:55 +0530, Csaba Henk wrote: > If fanotify is triggered via a vfsmount mark (so that there is > no inode mark, group in send_to_group() is set from a structure > member where the struct pointer is NULL. > > This can be tested with the fanotify utility available from > http://people.redhat.com/eparis/fanotify/: > > # fanotify -m / & touch /x This should be fixed in the pull request I sent to Linus last night. Sorry you had to track it down as well. There are a number of other bug fixes in my tree http://git.infradead.org/users/eparis/notify.git There might still be some code duplication which something like 2/2 could clean up but your patch does apply to my devel tree and it has a logic flaw. In the case we have both a vfsmount and an inode mark we need to test: event_mask & vmark->mask & ~vmark->ignored_mask & ~imark->ignored mask. You would only ever test one or the other, not both together like that. Thanks! Please let me know any other problems you run into! -Eric -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists