lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <8836281c-e6cc-4731-9f97-dbd97fe0b0fc@linaro.org>
Date: Wed, 22 Jan 2025 14:00:03 +0200
From: Eugen Hristev <eugen.hristev@...aro.org>
To: kees@...nel.org
Cc: linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] pstore/zone: fix return value for psz_init_zones



On 1/21/25 17:06, Eugen Hristev wrote:
> psz_init_zones is not supposed to return NULL. It returns an errno,
> and its caller always checks for an errno to look for a problem.
> If the caller receives a NULL as a return, this code will go further
> without any errors:
> 
>         cxt->kpszs = psz_init_zones(PSTORE_TYPE_DMESG, &off,
>                         info->total_size - off_size,
>                         info->kmsg_size, &cxt->kmsg_max_cnt);
>         if (IS_ERR(cxt->kpszs)) {
>                 err = PTR_ERR(cxt->kpszs);
>                 cxt->kpszs = NULL;
>                 goto free_out;
>         }
> 
> Later, when dereferencing kpszs, a panic would occur.
> 
> Thus, to avoid this possible crash, it's better to avoid returning NULL
> in psz_init_zones, and just return -EINVAL if the parameters received
> are wrong (in this case, a zero size request).

Please disregard this patch. I found a case when NULL is being used
meaningfully so I have to find a better way to handle this.

Sorry for the noise.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ