| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20230104123902.978084-1-syoshida@redhat.com>
Date: Wed, 4 Jan 2023 21:39:02 +0900
From: Shigeru Yoshida <syoshida@...hat.com>
To: almaz.alexandrovich@...agon-software.com
Cc: ntfs3@...ts.linux.dev, linux-kernel@...r.kernel.org,
Shigeru Yoshida <syoshida@...hat.com>
Subject: [PATCH] fs/ntfs3: Fix error handling in ntfs_new_inode()
When memory allocation for mi->mrec fails, ntfs_new_inode() calls
iput(). iput() calls ni_write_inode() indirectly, it references
uninitialized mi->mrec, and this causes the kernel crash. This patch
fixes the issue by making the inode bad before calling iput().
Signed-off-by: Shigeru Yoshida <syoshida@...hat.com>
---
fs/ntfs3/fsntfs.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/ntfs3/fsntfs.c b/fs/ntfs3/fsntfs.c
index 567563771bf8..7b93f2aeb6f6 100644
--- a/fs/ntfs3/fsntfs.c
+++ b/fs/ntfs3/fsntfs.c
@@ -1683,6 +1683,7 @@ struct ntfs_inode *ntfs_new_inode(struct ntfs_sb_info *sbi, CLST rno, bool dir)
out:
if (err) {
+ _ntfs_bad_inode(inode);
iput(inode);
ni = ERR_PTR(err);
}
--
2.39.0
Powered by blists - more mailing lists