| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 09 Dec 2018 21:50:33 +0000
From: Ben Hutchings <ben@...adent.org.uk>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC: akpm@...ux-foundation.org,
syzbot+38bd0f7865e5c6379280@...kaller.appspotmail.com,
"Richard Weinberger" <richard@....at>
Subject: [PATCH 3.16 258/328] ubifs: Check for name being NULL while mounting
3.16.62-rc1 review patch. If anyone has any objections, please let me know.
------------------
From: Richard Weinberger <richard@....at>
commit 37f31b6ca4311b94d985fb398a72e5399ad57925 upstream.
The requested device name can be NULL or an empty string.
Check for that and refuse to continue. UBIFS has to do this manually
since we cannot use mount_bdev(), which checks for this condition.
Fixes: 1e51764a3c2ac ("UBIFS: add new flash file system")
Reported-by: syzbot+38bd0f7865e5c6379280@...kaller.appspotmail.com
Signed-off-by: Richard Weinberger <richard@....at>
Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
fs/ubifs/super.c | 3 +++
1 file changed, 3 insertions(+)
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -1917,6 +1917,9 @@ static struct ubi_volume_desc *open_ubi(
int dev, vol;
char *endptr;
+ if (!name || !*name)
+ return ERR_PTR(-EINVAL);
+
/* First, try to open using the device node path method */
ubi = ubi_open_volume_path(name, mode);
if (!IS_ERR(ubi))
Powered by blists - more mailing lists