lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <c3ce64a1-65dc-0ed1-52ec-8bf950b77fb2@oracle.com>
Date:   Mon, 30 Oct 2017 17:13:07 -0500
From:   Dave Kleikamp <dave.kleikamp@...cle.com>
To:     Juerg Haefliger <juerg.haefliger@...onical.com>,
        jfs-discussion@...ts.sourceforge.net, linux-kernel@...r.kernel.org
Subject: Re: [Jfs-discussion] [PATCH] jfs: Add missing NULL pointer check in
 __get_metapage

On 10/25/2017 02:50 AM, Juerg Haefliger wrote:
> Is this a patch you might consider?

Sorry it's taken me so long to respond.

I don't think this is the right fix. A failed allocation will still
result in a null pointer dereference by the caller, __get_metapage(). I
think the check needs to be put there. Like this:

--- a/fs/jfs/jfs_metapage.c
+++ b/fs/jfs/jfs_metapage.c
@@ -663,6 +663,8 @@ struct metapage *__get_metapage(struct inode *inode,
unsigned long lblock,
 	} else {
 		INCREMENT(mpStat.pagealloc);
 		mp = alloc_metapage(GFP_NOFS);
+		if (!mp)
+			goto unlock;
 		mp->page = page;
 		mp->sb = inode->i_sb;
 		mp->flag = 0;


Furthermore, it looks like all the callers of __get_metapage() check for
a null return, so I'm not sure we need to handle the error at this
point. I might have to look a bit harder at that, since there are many
callers.

Thanks,
Shaggy

> 
> Thanks
> ...Juerg
> 
> 
> On 10/04/2017 10:24 AM, Juerg Haefliger wrote:
>> alloc_metapage can return a NULL pointer so check for that. And also emit
>> an error message if that happens.
>>
>> Signed-off-by: Juerg Haefliger <juerg.haefliger@...onical.com>
>> ---
>>  fs/jfs/jfs_metapage.c | 20 +++++++++++++-------
>>  1 file changed, 13 insertions(+), 7 deletions(-)
>>
>> diff --git a/fs/jfs/jfs_metapage.c b/fs/jfs/jfs_metapage.c
>> index 1c4b9ad4d7ab..00f21af66872 100644
>> --- a/fs/jfs/jfs_metapage.c
>> +++ b/fs/jfs/jfs_metapage.c
>> @@ -187,14 +187,18 @@ static inline struct metapage *alloc_metapage(gfp_t gfp_mask)
>>  {
>>  	struct metapage *mp = mempool_alloc(metapage_mempool, gfp_mask);
>>  
>> -	if (mp) {
>> -		mp->lid = 0;
>> -		mp->lsn = 0;
>> -		mp->data = NULL;
>> -		mp->clsn = 0;
>> -		mp->log = NULL;
>> -		init_waitqueue_head(&mp->wait);
>> +	if (!mp) {
>> +		jfs_err("mempool_alloc failed!\n");
>> +		return NULL;
>>  	}
>> +
>> +	mp->lid = 0;
>> +	mp->lsn = 0;
>> +	mp->data = NULL;
>> +	mp->clsn = 0;
>> +	mp->log = NULL;
>> +	init_waitqueue_head(&mp->wait);
>> +
>>  	return mp;
>>  }
>>  
>> @@ -663,6 +667,8 @@ struct metapage *__get_metapage(struct inode *inode, unsigned long lblock,
>>  	} else {
>>  		INCREMENT(mpStat.pagealloc);
>>  		mp = alloc_metapage(GFP_NOFS);
>> +		if (!mp)
>> +			goto unlock;
>>  		mp->page = page;
>>  		mp->sb = inode->i_sb;
>>  		mp->flag = 0;
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ