| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 30 Jan 2019 05:58:17 -0500
From: Kent Overstreet <kent.overstreet@...il.com>
To: YueHaibing <yuehaibing@...wei.com>
Cc: colyli@...e.de, linux-kernel@...r.kernel.org,
linux-bcache@...r.kernel.org
Subject: Re: [PATCH -next] bcache: Fix potential NULL pointer dereference
On Wed, Jan 30, 2019 at 06:21:12PM +0800, YueHaibing wrote:
> There is a potential NULL pointer dereference in case
> kzalloc() fails and returns NULL.
>
> Fixes: bc082a55d25c ("bcache: fix inaccurate io state for detached bcache devices")
> Signed-off-by: YueHaibing <yuehaibing@...wei.com>
> ---
> drivers/md/bcache/request.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/md/bcache/request.c b/drivers/md/bcache/request.c
> index 1507041..a50afa4 100644
> --- a/drivers/md/bcache/request.c
> +++ b/drivers/md/bcache/request.c
> @@ -1094,6 +1094,8 @@ static void detached_dev_do_request(struct bcache_device *d, struct bio *bio)
> * which would call closure_get(&dc->disk.cl)
> */
> ddip = kzalloc(sizeof(struct detached_dev_io_private), GFP_NOIO);
> + if (!ddip)
> + return;
> ddip->d = d;
> ddip->start_time = jiffies;
> ddip->bi_end_io = bio->bi_end_io;
This should be using a mempool/bioset... just returning from a make_request
function is not correct, that's a serious bug - you're just dropping an IO on
the floor, which is going to cause whatever submitted that IO to hang.
Powered by blists - more mailing lists