| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210714194036.53141-102-sashal@kernel.org>
Date: Wed, 14 Jul 2021 15:40:35 -0400
From: Sasha Levin <sashal@...nel.org>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
Cc: Paulo Alcantara <pc@....nz>, Steve French <stfrench@...rosoft.com>,
Sasha Levin <sashal@...nel.org>, linux-cifs@...r.kernel.org,
samba-technical@...ts.samba.org
Subject: [PATCH AUTOSEL 5.12 102/102] cifs: prevent NULL deref in cifs_compose_mount_options()
From: Paulo Alcantara <pc@....nz>
[ Upstream commit 03313d1c3a2f086bb60920607ab79ac8f8578306 ]
The optional @ref parameter might contain an NULL node_name, so
prevent dereferencing it in cifs_compose_mount_options().
Addresses-Coverity: 1476408 ("Explicit null dereferenced")
Signed-off-by: Paulo Alcantara (SUSE) <pc@....nz>
Signed-off-by: Steve French <stfrench@...rosoft.com>
Signed-off-by: Sasha Levin <sashal@...nel.org>
---
fs/cifs/cifs_dfs_ref.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/cifs/cifs_dfs_ref.c b/fs/cifs/cifs_dfs_ref.c
index 6b1ce4efb591..2891089aadbb 100644
--- a/fs/cifs/cifs_dfs_ref.c
+++ b/fs/cifs/cifs_dfs_ref.c
@@ -151,6 +151,9 @@ char *cifs_compose_mount_options(const char *sb_mountdata,
return ERR_PTR(-EINVAL);
if (ref) {
+ if (WARN_ON_ONCE(!ref->node_name || ref->path_consumed < 0))
+ return ERR_PTR(-EINVAL);
+
if (strlen(fullpath) - ref->path_consumed) {
prepath = fullpath + ref->path_consumed;
/* skip initial delimiter */
--
2.30.2
Powered by blists - more mailing lists