| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YNNPHvFWoeI4UwEZ@kroah.com>
Date: Wed, 23 Jun 2021 17:11:26 +0200
From: "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
To: Christian Löhle <CLoehle@...erstone.com>
Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"rafael@...nel.org" <rafael@...nel.org>
Subject: Re: [PATCH] kobject: Safe return of kobject_get_path with NULL
On Wed, Jun 23, 2021 at 02:47:35PM +0000, Christian Löhle wrote:
> Prevent NULL dereference within get_kobj_path_length
>
> Calling kobject_get_path could provoke a NULL dereference
> if NULL was passed. while fill_kobj_path will return
> with a sane 0 for NULL, kobjet_get_path_length did not.
Who passes NULL into that function? Shouldn't that be fixed first?
>
> Signed-off-by: Christian Loehle <cloehle@...erstone.com>
> ---
> lib/kobject.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/lib/kobject.c b/lib/kobject.c
> index ea53b30cf483..735159c13a94 100644
> --- a/lib/kobject.c
> +++ b/lib/kobject.c
> @@ -130,6 +130,8 @@ static int get_kobj_path_length(struct kobject *kobj)
> {
> int length = 1;
> struct kobject *parent = kobj;
> + if (!kobj)
> + return 0;
>
> /* walk up the ancestors until we hit the one pointing to the
> * root.
> --
> 2.32.0
>
> Hyperstone GmbH | Line-Eid-Strasse 3 | 78467 Konstanz
> Managing Directors: Dr. Jan Peter Berns.
> Commercial register of local courts: Freiburg HRB381782
>
Pleaase always run your patches through checkpatch.pl so you do not get
maintainers asking you to use checkpatch.pl...
thanks,
greg k-h
Powered by blists - more mailing lists