lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20200616162922.26168-1-trix@redhat.com>
Date:   Tue, 16 Jun 2020 09:29:22 -0700
From:   trix@...hat.com
To:     hirofumi@...l.parknet.co.jp
Cc:     linux-kernel@...r.kernel.org, Tom Rix <trix@...hat.com>
Subject: [PATCH] fat: add a check to fat_add_new_entries

From: Tom Rix <trix@...hat.com>

Clang static analysis reports a possible null pointer dereference

fs/fat/dir.c:1255:9: warning: Dereference of undefined pointer value [core.NullDereference]
        memset(bhs[n]->b_data + copy, 0, sb->s_blocksize - copy);
               ^~~~~~~~~~~~~~

This is because setting of bhs[n] depends on the inner loop executing.

So add a check that the inner loop will be executed.

Signed-off-by: Tom Rix <trix@...hat.com>
---
 fs/fat/dir.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/fs/fat/dir.c b/fs/fat/dir.c
index b4ddf48fa444..3eea540486cb 100644
--- a/fs/fat/dir.c
+++ b/fs/fat/dir.c
@@ -1228,6 +1228,13 @@ static int fat_add_new_entries(struct inode *dir, void *slots, int nr_slots,
 	do {
 		start_blknr = blknr = fat_clus_to_blknr(sbi, cluster[i]);
 		last_blknr = start_blknr + sbi->sec_per_clus;
+
+		/* overflow */
+		if (unlikely(last_blknr <= start_blknr)) {
+			err = -ENOMEM;
+			goto error_nomem;
+		}
+
 		while (blknr < last_blknr) {
 			bhs[n] = sb_getblk(sb, blknr);
 			if (!bhs[n]) {
-- 
2.18.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ