linux-kernel - Re: [PATCH] Null check to prevent null-ptr-deref bug

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <2023052822-mauve-gauging-0ab3@gregkh>
Date:   Sun, 28 May 2023 17:46:39 +0100
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Prince Kumar Maurya <princekumarmaurya06@...il.com>
Cc:     skhan@...uxfoundation.org, viro@...iv.linux.org.uk,
        brauner@...nel.org, chenzhongjin@...wei.com,
        syzkaller-bugs@...glegroups.com,
        linux-kernel-mentees@...ts.linuxfoundation.org,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Null check to prevent null-ptr-deref bug

On Sun, May 28, 2023 at 09:44:00AM -0700, Prince Kumar Maurya wrote:
> sb_getblk(inode->i_sb, parent) return a null ptr and taking lock on that leads to the null-ptr-deref bug.
> 
> Signed-off-by: Prince Kumar Maurya <princekumarmaurya06@...il.com>
> ---
>  fs/sysv/itree.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/fs/sysv/itree.c b/fs/sysv/itree.c
> index b22764fe669c..3a6b66e719fd 100644
> --- a/fs/sysv/itree.c
> +++ b/fs/sysv/itree.c
> @@ -145,6 +145,8 @@ static int alloc_branch(struct inode *inode,
>  		 */
>  		parent = block_to_cpu(SYSV_SB(inode->i_sb), branch[n-1].key);
>  		bh = sb_getblk(inode->i_sb, parent);
> +		if (!bh)
> +			break;
>  		lock_buffer(bh);
>  		memset(bh->b_data, 0, blocksize);
>  		branch[n].bh = bh;
> -- 
> 2.40.1

Why resend this when I already responded:
	https://lore.kernel.org/r/2023052803-pucker-depress-5452@gregkh

confused,

greg k-h