lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20260106025502.133470-1-liubaolin12138@163.com>
Date: Tue,  6 Jan 2026 10:55:02 +0800
From: Baolin Liu <liubaolin12138@....com>
To: xiang@...nel.org,
	chao@...nel.org
Cc: zbestahu@...il.com,
	jefflexu@...ux.alibaba.com,
	dhavale@...gle.com,
	lihongbo22@...wei.com,
	guochunhai@...o.com,
	linux-erofs@...ts.ozlabs.org,
	linux-kernel@...r.kernel.org,
	Baolin Liu <liubaolin@...inos.cn>
Subject: [PATCH v1] erofs: Fix state inconsistency when updating fsid/domain_id

From: Baolin Liu <liubaolin@...inos.cn>

When updating fsid or domain_id, the code frees the old pointer before
allocating a new one. If allocation fails, the pointer becomes NULL
while the old value is already freed, causing state inconsistency.

Fix by allocating the new value first, and only freeing the old value
on success.

Signed-off-by: Baolin Liu <liubaolin@...inos.cn>
---
 fs/erofs/super.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/fs/erofs/super.c b/fs/erofs/super.c
index 937a215f626c..6e083d7e634c 100644
--- a/fs/erofs/super.c
+++ b/fs/erofs/super.c
@@ -509,16 +509,22 @@ static int erofs_fc_parse_param(struct fs_context *fc,
 		break;
 #ifdef CONFIG_EROFS_FS_ONDEMAND
 	case Opt_fsid:
-		kfree(sbi->fsid);
-		sbi->fsid = kstrdup(param->string, GFP_KERNEL);
-		if (!sbi->fsid)
+		char *new_fsid;
+
+		new_fsid = kstrdup(param->string, GFP_KERNEL);
+		if (!new_fsid)
 			return -ENOMEM;
+		kfree(sbi->fsid);
+		sbi->fsid = new_fsid;
 		break;
 	case Opt_domain_id:
-		kfree(sbi->domain_id);
-		sbi->domain_id = kstrdup(param->string, GFP_KERNEL);
-		if (!sbi->domain_id)
+		char *new_domain_id;
+
+		new_domain_id = kstrdup(param->string, GFP_KERNEL);
+		if (!new_domain_id)
 			return -ENOMEM;
+		kfree(sbi->domain_id);
+		sbi->domain_id = new_domain_id;
 		break;
 #else
 	case Opt_fsid:
-- 
2.39.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ