lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20191017000703.GA4271@eaf>
Date:   Wed, 16 Oct 2019 21:07:03 -0300
From:   Ernesto A. Fernández 
        <ernesto.mnd.fernandez@...il.com>
To:     Chuhong Yuan <hslester96@...il.com>
Cc:     linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] hfsplus: add a check for hfs_bnode_find

Hi,

On Wed, Oct 16, 2019 at 08:06:20PM +0800, Chuhong Yuan wrote:
> hfs_brec_update_parent misses a check for hfs_bnode_find and may miss
> the failure.
> Add a check for it like what is done in again.
> 
> Signed-off-by: Chuhong Yuan <hslester96@...il.com>
> ---
>  fs/hfsplus/brec.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/fs/hfsplus/brec.c b/fs/hfsplus/brec.c
> index 1918544a7871..22bada8288c4 100644
> --- a/fs/hfsplus/brec.c
> +++ b/fs/hfsplus/brec.c
> @@ -434,6 +434,8 @@ static int hfs_brec_update_parent(struct hfs_find_data *fd)
>  			new_node->parent = tree->root;
>  		}
>  		fd->bnode = hfs_bnode_find(tree, new_node->parent);
> +		if (IS_ERR(fd->bnode))
> +			return PTR_ERR(fd->bnode);

You shouldn't just return here, you still hold a reference to new_node.
The call to hfs_bnode_find() after the again label seems to be making a
similar mistake.

I don't think either one can actually fail though, because the parent
nodes have all been read and hashed before, haven't they?

>  		/* create index key and entry */
>  		hfs_bnode_read_key(new_node, fd->search_key, 14);
>  		cnid = cpu_to_be32(new_node->this);
> -- 
> 2.20.1
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ