| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 May 2019 11:30:45 +0800
From: Gen Zhang <blackgod016574@...il.com>
To: akpm@...ux-foundation.org, rppt@...ux.ibm.com,
david.engraf@...go.com, steven.price@....com, osandov@...com,
luc.vanoostenryck@...il.com, axboe@...nel.dk
Cc: linux-kernel@...r.kernel.org
Subject: [PATCH v2] initramfs: Fix a missing-chek bug in dir_add()
In dir_add() and do_name(), de->name and vcollected are allocated by
kstrdup(). And de->name and vcollected are dereferenced in the following
codes. However, memory allocation functions such as kstrdup() may fail.
Dereferencing this null pointer may cause the kernel go wrong. Thus we
should check these two kstrdup() operations.
Further, if kstrdup() returns NULL, we should free de in dir_add().
Signed-off-by: Gen Zhang <blackgod016574@...il.com>
---
diff --git a/init/initramfs.c b/init/initramfs.c
index 178130f..1421488 100644
--- a/init/initramfs.c
+++ b/init/initramfs.c
@@ -125,6 +125,10 @@ static void __init dir_add(const char *name, time64_t mtime)
panic("can't allocate dir_entry buffer");
INIT_LIST_HEAD(&de->list);
de->name = kstrdup(name, GFP_KERNEL);
+ if (!de->name) {
+ kfree(de);
+ panic("can't allocate dir_entry name buffer");
+ }
de->mtime = mtime;
list_add(&de->list, &dir_list);
}
@@ -340,6 +344,10 @@ static int __init do_name(void)
if (body_len)
ksys_ftruncate(wfd, body_len);
vcollected = kstrdup(collected, GFP_KERNEL);
+ if (!vcollected) {
+ panic("can't allocate vcollected buffer");
+ return 0;
+ }
state = CopyFile;
}
}
Powered by blists - more mailing lists