| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y7lMKhXSQvwvLq7L@gmail.com>
Date: Sat, 7 Jan 2023 11:40:42 +0100
From: Ingo Molnar <mingo@...nel.org>
To: Liam Ni <zhiguangni01@...il.com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org,
linux-arch@...r.kernel.org, linux-efi@...r.kernel.org,
linux-doc@...r.kernel.org, linux-mm@...ck.org, kvm@...r.kernel.org,
kasan-dev@...glegroups.com
Subject: Re: [PATCH] x86/boot: Check if the input parameter (buffer) of the
function is a null pointer
* Liam Ni <zhiguangni01@...il.com> wrote:
> If the variable buffer is a null pointer, it may cause the kernel to crash.
>
> Signed-off-by: Liam Ni <zhiguangni01@...il.com>
> ---
> arch/x86/boot/cmdline.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/boot/cmdline.c b/arch/x86/boot/cmdline.c
> index 21d56ae83cdf..d0809f66054c 100644
> --- a/arch/x86/boot/cmdline.c
> +++ b/arch/x86/boot/cmdline.c
> @@ -39,7 +39,7 @@ int __cmdline_find_option(unsigned long cmdline_ptr, const char *option, char *b
> st_bufcpy /* Copying this to buffer */
> } state = st_wordstart;
>
> - if (!cmdline_ptr)
> + if (!cmdline_ptr || buffer == NULL)
> return -1; /* No command line */
Can this ever happen?
Thanks,
Ingo
Powered by blists - more mailing lists