| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZteBCowxVXt7DLFF@tissot.1015granger.net>
Date: Tue, 3 Sep 2024 17:35:06 -0400
From: Chuck Lever <chuck.lever@...cle.com>
To: Li Lingfeng <lilingfeng3@...wei.com>
Cc: jlayton@...nel.org, neilb@...e.de, okorniev@...hat.com, Dai.Ngo@...cle.com,
tom@...pey.com, linux-nfs@...r.kernel.org,
linux-kernel@...r.kernel.org, yukuai1@...weicloud.com,
houtao1@...wei.com, yi.zhang@...wei.com, yangerkun@...wei.com,
lilingfeng@...weicloud.com
Subject: Re: [PATCH] nfsd: return -EINVAL when namelen is 0
On Tue, 03 Sep 2024 19:14:46 +0800, Li Lingfeng wrote:
> When we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may
> result in namelen being 0, which will cause memdup_user() to return
> ZERO_SIZE_PTR.
> When we access the name.data that has been assigned the value of
> ZERO_SIZE_PTR in nfs4_client_to_reclaim(), null pointer dereference is
> triggered.
>
> [...]
Kept the new dprintk call sites since this is not a hot path and
there needs to be some observability here rather than a silent
failure. I'm not convinced the error text is especially clear, but
I don't have a better suggestion at the moment.
Applied to nfsd-next for v6.12, thanks!
[1/1] nfsd: return -EINVAL when namelen is 0
commit: e492841732bbce2b2dd19cd285d5e7f61b1bdaee
--
Chuck Lever
Powered by blists - more mailing lists