| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Apr 2020 04:20:46 -0700
From: youngjun <her0gyugyu@...il.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Tejun Heo <tj@...nel.org>, linux-kernel@...r.kernel.org,
youngjun <her0gyugyu@...il.com>
Subject: [PATCH] fs: kernfs: fix possible null pointer dereferences
kernfs_path_from_node_locked checks buf is NULL.
But, two cases below are not covered.
if(!kn_to) <--- case1 (buf can be NULL)
return strlcpy(buf, "(null)", buflen);
if(kn_from == kn_to) <--- case2 (buf can be NULL)
return strlcpy(buf, "/", buflen);
if (!buf) <--- checked here.
return -EINVAL;
buf NULL case needs to be checked first.
Signed-off-by: youngjun <her0gyugyu@...il.com>
---
fs/kernfs/dir.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/fs/kernfs/dir.c b/fs/kernfs/dir.c
index 02fb5cc76e33..d802cfceddba 100644
--- a/fs/kernfs/dir.c
+++ b/fs/kernfs/dir.c
@@ -128,6 +128,9 @@ static int kernfs_path_from_node_locked(struct kernfs_node *kn_to,
size_t depth_from, depth_to, len = 0;
int i, j;
+ if (!buf)
+ return -EINVAL;
+
if (!kn_to)
return strlcpy(buf, "(null)", buflen);
@@ -137,9 +140,6 @@ static int kernfs_path_from_node_locked(struct kernfs_node *kn_to,
if (kn_from == kn_to)
return strlcpy(buf, "/", buflen);
- if (!buf)
- return -EINVAL;
-
common = kernfs_common_ancestor(kn_from, kn_to);
if (WARN_ON(!common))
return -EINVAL;
--
2.17.1
Powered by blists - more mailing lists