lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:   Wed, 22 May 2019 10:07:23 +0800
From:   Gen Zhang <blackgod016574@...il.com>
To:     Li Zhijian <lizhijian@...fujitsu.com>
Cc:     linux-kernel@...r.kernel.org
Subject: Re: [PATCH] initramfs: Fix a missing-check bug in init/initramfs.c

On Wed, May 22, 2019 at 10:00:37AM +0800, Li Zhijian wrote:
> 
> On 5/22/19 09:04, Gen Zhang wrote:
> >In dir_add(), de and de->name are allocated by kmalloc() and kstrdup().
> >And de->name is dereferenced in the following codes. However, memory
> >allocation functions such as kmalloc() and kstrdup() may fail.
> >Dereferencing this de->name null pointer may cause the kernel go wrong.
> >Thus we should check this allocation.
> >Further, if kstrdup() returns NULL, we should free de and panic().
> >
> >Signed-off-by: Gen Zhang <blackgod016574@...il.com>
> >
> >---
> >diff --git a/init/initramfs.c b/init/initramfs.c
> >index 178130f..dc8063f 100644
> >--- a/init/initramfs.c
> >+++ b/init/initramfs.c
> >@@ -125,6 +125,10 @@ static void __init dir_add(const char *name, time64_t mtime)
> >  		panic("can't allocate dir_entry buffer");
> >  	INIT_LIST_HEAD(&de->list);
> >  	de->name = kstrdup(name, GFP_KERNEL);
> >+	if (!de->name) {
> >+		kfree(de);
> >+		panic("can't allocate dir_entry name buffer");
> >+	}
> 
> Looks good
> 
> but the following place should be considered as well i think
> 342                                 vcollected = kstrdup(collected, GFP_KERNEL);
> 343                                 state = CopyFile;
> 
> 
> Thanks
> Zhijian
Thanks for your comments, Zhijian!
I thinks you are correct that vcollected should also be checked.
I will work on this patch and resubmit it.
Thank
Gen

Powered by blists - more mailing lists