| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 22 Oct 2020 21:13:00 +0800
From: Zhiqiang Liu <liuzhiqiang26@...wei.com>
To: <miklos@...redi.hu>
CC: <mszeredi@...hat.com>, <linux-fsdevel@...r.kernel.org>,
<linux-kernel@...r.kernel.org>, linfeilong <linfeilong@...wei.com>,
lihaotian <lihaotian9@...wei.com>
Subject: [PATCH] fuse: check whether fuse_request_alloc returns NULL in
fuse_simple_request
In fuse_simple_request func, we will call fuse_request_alloc func to alloc
one request from fuse_req_cachep when args->force is true. However, the
return value of fuse_request_alloc func is not checked whether it is NULL.
If allocating request fails, access-NULL-pointer problem will occur.
Here, we check the return value of fuse_request_alloc func.
Fixes: 7213394c4e18 ("fuse: simplify request allocation")
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@...wei.com>
Signed-off-by: Haotian Li <lihaotian9@...wei.com>
---
fs/fuse/dev.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
index 02b3c36b3676..f7dd33ae8e31 100644
--- a/fs/fuse/dev.c
+++ b/fs/fuse/dev.c
@@ -481,6 +481,8 @@ ssize_t fuse_simple_request(struct fuse_conn *fc, struct fuse_args *args)
if (args->force) {
atomic_inc(&fc->num_waiting);
req = fuse_request_alloc(GFP_KERNEL | __GFP_NOFAIL);
+ if (!req)
+ return -ENOMEM;
if (!args->nocreds)
fuse_force_creds(fc, req);
--
2.19.1
Powered by blists - more mailing lists