| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tencent_010A807048A5F97F0A900866A35C648E2E07@qq.com>
Date: Tue, 22 Mar 2022 16:08:12 +0800
From: xkernel.wang@...mail.com
To: xiang@...nel.org, chao@...nel.org
Cc: linux-erofs@...ts.ozlabs.org, linux-kernel@...r.kernel.org,
Xiaoke Wang <xkernel.wang@...mail.com>
Subject: [PATCH] erofs: fix a potential NULL dereference of alloc_pages()
From: Xiaoke Wang <xkernel.wang@...mail.com>
alloc_pages() returns the page on success or NULL if allocation fails,
while set_page_private() will dereference `newpage`. So it is better to
catch the memory error in case other errors happen.
Signed-off-by: Xiaoke Wang <xkernel.wang@...mail.com>
---
fs/erofs/zdata.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/fs/erofs/zdata.c b/fs/erofs/zdata.c
index 11c7a1a..36a5421 100644
--- a/fs/erofs/zdata.c
+++ b/fs/erofs/zdata.c
@@ -735,11 +735,15 @@ static int z_erofs_do_read_page(struct z_erofs_decompress_frontend *fe,
struct page *const newpage =
alloc_page(GFP_NOFS | __GFP_NOFAIL);
- set_page_private(newpage, Z_EROFS_SHORTLIVED_PAGE);
- err = z_erofs_attach_page(clt, newpage,
- Z_EROFS_PAGE_TYPE_EXCLUSIVE);
- if (!err)
- goto retry;
+ if (!newpage) {
+ err = -ENOMEM;
+ } else {
+ set_page_private(newpage, Z_EROFS_SHORTLIVED_PAGE);
+ err = z_erofs_attach_page(clt, newpage,
+ Z_EROFS_PAGE_TYPE_EXCLUSIVE);
+ if (!err)
+ goto retry;
+ }
}
if (err)
--
Powered by blists - more mailing lists