lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <35a8d2093ba4c4b60ce07f1efc17ff2595f6964d.camel@HansenPartnership.com>
Date: Wed, 02 Apr 2025 07:38:31 -0400
From: James Bottomley <James.Bottomley@...senPartnership.com>
To: Xiaole He <hexiaole1994@....com>, viro@...iv.linux.org.uk, 
	brauner@...nel.org
Cc: jack@...e.cz, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1] fs/super.c: Add NULL check for type in
 iterate_supers_type

On Wed, 2025-04-02 at 11:45 +0800, Xiaole He wrote:
> The first several lines of iterate_supers_type are below:
> 
> 1 void iterate_supers_type(struct file_system_type *type,
> 2 	void (*f)(struct super_block *, void *), void *arg)
> 3 {
> 4 	struct super_block *sb, *p = NULL;
> 5
> 6 	spin_lock(&sb_lock);
> 7 	hlist_for_each_entry(sb, &type->fs_supers, s_instances) {
> 8 	...
> 9 }
> 
> The iterate_super_type is a exported symbol, and if
> iterate_supers_type is called with type of NULL, then there will be a
> NULL pointer dereference of argument type in line 7.

filesystem_type is an argument to alloc_super, which the filesystems
code always fills in.  If a filesystem passed a NULL type to the
context, the initialization code would crash on a NULL deref (iterating
type->fs_supers) which makes what you're checking for here an
impossible condition, doesn't it?

Regards,

James

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ