lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 28 May 2023 17:46:39 +0100
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Prince Kumar Maurya <princekumarmaurya06@...il.com>
Cc:     skhan@...uxfoundation.org, viro@...iv.linux.org.uk,
        brauner@...nel.org, chenzhongjin@...wei.com,
        syzkaller-bugs@...glegroups.com,
        linux-kernel-mentees@...ts.linuxfoundation.org,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Null check to prevent null-ptr-deref bug

On Sun, May 28, 2023 at 09:44:00AM -0700, Prince Kumar Maurya wrote:
> sb_getblk(inode->i_sb, parent) return a null ptr and taking lock on that leads to the null-ptr-deref bug.
> 
> Signed-off-by: Prince Kumar Maurya <princekumarmaurya06@...il.com>
> ---
>  fs/sysv/itree.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/fs/sysv/itree.c b/fs/sysv/itree.c
> index b22764fe669c..3a6b66e719fd 100644
> --- a/fs/sysv/itree.c
> +++ b/fs/sysv/itree.c
> @@ -145,6 +145,8 @@ static int alloc_branch(struct inode *inode,
>  		 */
>  		parent = block_to_cpu(SYSV_SB(inode->i_sb), branch[n-1].key);
>  		bh = sb_getblk(inode->i_sb, parent);
> +		if (!bh)
> +			break;
>  		lock_buffer(bh);
>  		memset(bh->b_data, 0, blocksize);
>  		branch[n].bh = bh;
> -- 
> 2.40.1

Why resend this when I already responded:
	https://lore.kernel.org/r/2023052803-pucker-depress-5452@gregkh

confused,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ