| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1b708c0d-8ea1-3898-0340-9cbce1fc2602@gmx.com>
Date: Wed, 24 Jul 2019 10:57:24 +0800
From: Qu Wenruo <quwenruo.btrfs@....com>
To: Jia-Ju Bai <baijiaju1990@...il.com>, clm@...com,
josef@...icpanda.com, dsterba@...e.com
Cc: linux-btrfs@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] fs: btrfs: Fix a possible null-pointer dereference in
insert_inline_extent()
On 2019/7/24 上午10:33, Jia-Ju Bai wrote:
>
>
> On 2019/7/24 10:21, Qu Wenruo wrote:
>>
>> On 2019/7/24 上午10:11, Jia-Ju Bai wrote:
>>> In insert_inline_extent(), there is an if statement on line 181 to check
>>> whether compressed_pages is NULL:
>>> if (compressed_size && compressed_pages)
>>>
>>> When compressed_pages is NULL, compressed_pages is used on line 215:
>>> cpage = compressed_pages[i];
>>>
>>> Thus, a possible null-pointer dereference may occur.
>>>
>>> To fix this possible bug, compressed_pages is checked on line 214.
>> This can only be hit with compressed_size > 0 and compressed_pages !=
>> NULL.
>>
>> It would be better to have an extra ASSERT() to warn developers about
>> the impossible case.
>
> Thanks for the reply :)
> So I should add ASSERT(compressed_size > 0 & compressed_pages) at the
> beginning of the function, and remove "if (compressed_size &&
> compressed_pages)"?
My suggestion is, ASSERT((compressed_size >0 && compressed_pages) ||
(compressed_size == 0 && !compressed_pages))
And keeps the original checks.
Anyway, just a suggestion.
Thanks,
Qu
>
>
> Best wishes,
> Jia-Ju Bai
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists