lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu, 21 Dec 2023 09:50:19 -0500
From: Jeffrey E Altman <jaltman@...istor.com>
To: David Howells <dhowells@...hat.com>,
 Anastasia Belova <abelova@...ralinux.ru>,
 Marc Dionne <marc.dionne@...istor.com>
Cc: linux-afs@...ts.infradead.org, linux-fsdevel@...r.kernel.org,
 linux-kernel@...r.kernel.org, lvc-project@...uxtesting.org
Subject: Re: [PATCH] afs: Fix overwriting of result of DNS query

On 12/21/2023 9:23 AM, David Howells wrote:
> In afs_update_cell(), ret is the result of the DNS lookup and the errors
> are to be handled by a switch - however, the value gets clobbered in
> between by setting it to -ENOMEM in case afs_alloc_vlserver_list() fails.
>
> Fix this by moving the setting of -ENOMEM into the error handling for OOM
> failure.  Further, only do it if we don't have an alternative error to
> return.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.  Based on
> a patch from Anastasia Belova[1].
>
> Fixes: d5c32c89b208 ("afs: Fix cell DNS lookup")
> Signed-off-by: David Howells<dhowells@...hat.com>
> cc: Anastasia Belova<abelova@...ralinux.ru>
> cc: Marc Dionne<marc.dionne@...istor.com>
> cc:linux-afs@...ts.infradead.org
> cc:lvc-project@...uxtesting.org
> Link:https://lore.kernel.org/r/20231221085849.1463-1-abelova@astralinux.ru/  [1]
>
> ---
>   fs/afs/cell.c |    6 ++++--
>   1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/fs/afs/cell.c b/fs/afs/cell.c
> index 988c2ac7cece..926cb1188eba 100644
> --- a/fs/afs/cell.c
> +++ b/fs/afs/cell.c
> @@ -409,10 +409,12 @@ static int afs_update_cell(struct afs_cell *cell)
>   		if (ret == -ENOMEM)
>   			goto out_wake;
>   
> -		ret = -ENOMEM;
>   		vllist = afs_alloc_vlserver_list(0);
> -		if (!vllist)
> +		if (!vllist) {
> +			if (ret >= 0)
> +				ret = -ENOMEM;
>   			goto out_wake;
> +		}
>   
>   		switch (ret) {
>   		case -ENODATA:
>
Reviewed-by: Jeffrey Altman <jaltman@...istor.com>


Download attachment "smime.p7s" of type "application/pkcs7-signature" (4039 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ