| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20221116121556.91060-1-arefev@swemel.ru>
Date: Wed, 16 Nov 2022 15:15:34 +0300
From: Denis Arefev <arefev@...mel.ru>
To: Trond Myklebust <trond.myklebust@...merspace.com>
Cc: Anna Schumaker <anna.schumaker@...app.com>,
linux-nfs@...r.kernel.org, linux-kernel@...r.kernel.org,
trufanov@...mel.ru, vfh@...mel.ru
Subject: [PATCH] fs: nfs: Added pointer check
Return value of a function 'xdr_inline_decode' is dereferenced at
nfs4xdr.c:5540 without checking for null,
ut it is usually checked for this function
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Signed-off-by: Denis Arefev <arefev@...mel.ru>
---
fs/nfs/nfs4xdr.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c
index c6dbfcae7517..571cc63ecb61 100644
--- a/fs/nfs/nfs4xdr.c
+++ b/fs/nfs/nfs4xdr.c
@@ -5533,6 +5533,8 @@ static int decode_op_map(struct xdr_stream *xdr, struct nfs4_op_map *op_map)
if (bitmap_words > NFS4_OP_MAP_NUM_WORDS)
return -EIO;
p = xdr_inline_decode(xdr, 4 * bitmap_words);
+ if (!p)
+ return -EIO;
for (i = 0; i < bitmap_words; i++)
op_map->u.words[i] = be32_to_cpup(p++);
--
2.25.1
Powered by blists - more mailing lists