| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1555341984-3282-1-git-send-email-wang6495@umn.edu> Date: Mon, 15 Apr 2019 10:26:24 -0500 From: Wenwen Wang <wang6495@....edu> To: Wenwen Wang <wang6495@....edu> Cc: Jan Kara <jack@...e.com>, linux-kernel@...r.kernel.org (open list) Subject: [PATCH] udf: fix an uninitialized read bug In udf_lookup(), the pointer 'fi' is a local variable initialized by the return value of the function call udf_find_entry(). However, if the macro 'UDF_RECOVERY' is defined, this variable will become uninitialized if the else branch is not taken, which can potentially cause incorrect results in the following execution. This patch simply initializes this local pointer to NULL. Signed-off-by: Wenwen Wang <wang6495@....edu> --- fs/udf/namei.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/udf/namei.c b/fs/udf/namei.c index 58cc241..9d499e1 100644 --- a/fs/udf/namei.c +++ b/fs/udf/namei.c @@ -299,7 +299,7 @@ static struct dentry *udf_lookup(struct inode *dir, struct dentry *dentry, struct inode *inode = NULL; struct fileIdentDesc cfi; struct udf_fileident_bh fibh; - struct fileIdentDesc *fi; + struct fileIdentDesc *fi = NULL; if (dentry->d_name.len > UDF_NAME_LEN) return ERR_PTR(-ENAMETOOLONG); -- 2.7.4
Powered by blists - more mailing lists