| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAH2r5mvsuTE=DoP-TwzSsREbGTgnsdNMMnPzK2ypLts6YuX_dg@mail.gmail.com>
Date: Thu, 12 Sep 2024 20:14:02 -0500
From: Steve French <smfrench@...il.com>
To: Qianqiang Liu <qianqiang.liu@....com>
Cc: ematsumiya@...e.de, sfrench@...ba.org, linux-cifs@...r.kernel.org,
samba-technical@...ts.samba.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] smb: client: compress: fix a potential issue of freeing
an invalid pointer
Good catch.
Added to cifs-2.6.git for-next
On Thu, Sep 12, 2024 at 7:02 PM Qianqiang Liu <qianqiang.liu@....com> wrote:
>
> The dst pointer may not be initialized when calling kvfree(dst)
>
> Fixes: 13b68d44990d9 ("smb: client: compress: LZ77 code improvements cleanup")
> Signed-off-by: Qianqiang Liu <qianqiang.liu@....com>
> ---
> fs/smb/client/compress.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/smb/client/compress.c b/fs/smb/client/compress.c
> index 65d3d219e8bc..daf84e39861c 100644
> --- a/fs/smb/client/compress.c
> +++ b/fs/smb/client/compress.c
> @@ -318,7 +318,7 @@ int smb_compress(struct TCP_Server_Info *server, struct smb_rqst *rq, compress_s
> {
> struct iov_iter iter;
> u32 slen, dlen;
> - void *src, *dst;
> + void *src, *dst = NULL;
> int ret;
>
> if (!server || !rq || !rq->rq_iov || !rq->rq_iov->iov_base)
> --
> 2.34.1
>
>
--
Thanks,
Steve
Powered by blists - more mailing lists