lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAAa=b7ck+vDHr1iG6R2zX0NEpkEVOTGKqQVYhFR4xPOwn-C+hg@mail.gmail.com> Date: Mon, 15 Apr 2019 12:34:54 -0500 From: Wenwen Wang <wang6495@....edu> To: Jan Kara <jack@...e.cz> Cc: Jan Kara <jack@...e.com>, open list <linux-kernel@...r.kernel.org>, Wenwen Wang <wang6495@....edu> Subject: Re: [PATCH] udf: fix an uninitialized read bug Thanks for your prompt reply, Jan! I will rework the patch. Best regards, Wenwen On Mon, Apr 15, 2019 at 11:05 AM Jan Kara <jack@...e.cz> wrote: > > On Mon 15-04-19 10:26:24, Wenwen Wang wrote: > > In udf_lookup(), the pointer 'fi' is a local variable initialized by the > > return value of the function call udf_find_entry(). However, if the macro > > 'UDF_RECOVERY' is defined, this variable will become uninitialized if the > > else branch is not taken, which can potentially cause incorrect results in > > the following execution. > > > > This patch simply initializes this local pointer to NULL. > > > > Signed-off-by: Wenwen Wang <wang6495@....edu> > > Thanks for the patch! A better fix is to drop the whole UDF_RECOVERY ifdef > and what's in it. It is just dead code anyway. > > Honza > > > --- > > fs/udf/namei.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/fs/udf/namei.c b/fs/udf/namei.c > > index 58cc241..9d499e1 100644 > > --- a/fs/udf/namei.c > > +++ b/fs/udf/namei.c > > @@ -299,7 +299,7 @@ static struct dentry *udf_lookup(struct inode *dir, struct dentry *dentry, > > struct inode *inode = NULL; > > struct fileIdentDesc cfi; > > struct udf_fileident_bh fibh; > > - struct fileIdentDesc *fi; > > + struct fileIdentDesc *fi = NULL; > > > > if (dentry->d_name.len > UDF_NAME_LEN) > > return ERR_PTR(-ENAMETOOLONG); > > -- > > 2.7.4 > > > > > -- > Jan Kara <jack@...e.com> > SUSE Labs, CR
Powered by blists - more mailing lists