| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 Oct 2021 17:12:07 +0800
From: Gaosheng Cui <cuigaosheng1@...wei.com>
To: <paul@...l-moore.com>, <eparis@...hat.com>
CC: <linux-audit@...hat.com>, <linux-kernel@...r.kernel.org>,
<xiujianfeng@...wei.com>, <wangweiyang2@...wei.com>
Subject: [PATCH -next,v2 1/2] audit: fix possible null-pointer dereference in audit_filter_rules
Fix this possible null-pointer dereference in audit_filter_rules.
If ctx is null, a null-pointer dereference will occur:
case AUDIT_SADDR_FAM:
if (ctx->sockaddr)
...
break;
audit_filter_rules() error: we previously assumed 'ctx' could be null
Reported-by: kernel test robot <lkp@...el.com>
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>
Signed-off-by: Gaosheng Cui <cuigaosheng1@...wei.com>
---
kernel/auditsc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 4ba3b8573ff4..42d4a4320526 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -647,7 +647,7 @@ static int audit_filter_rules(struct task_struct *tsk,
result = audit_comparator(audit_loginuid_set(tsk), f->op, f->val);
break;
case AUDIT_SADDR_FAM:
- if (ctx->sockaddr)
+ if (ctx && ctx->sockaddr)
result = audit_comparator(ctx->sockaddr->ss_family,
f->op, f->val);
break;
--
2.30.0
Powered by blists - more mailing lists