]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commit
fs: kernfs: Fix possible null-pointer dereferences in kernfs_path_from_node_locked()
authorJia-Ju Bai <baijiaju1990@gmail.com>
Wed, 24 Jul 2019 02:22:42 +0000 (10:22 +0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 25 Jul 2019 13:32:51 +0000 (15:32 +0200)
commitbbe70e4e421116db0af3acf84cbce3c3f6cac53e
tree189d5d1d40f6f7584304ca23f3f047fbb233e1a0
parent2fd60da46da76948b8cc561ae8cc902209686253
fs: kernfs: Fix possible null-pointer dereferences in kernfs_path_from_node_locked()

In kernfs_path_from_node_locked(), there is an if statement on line 147
to check whether buf is NULL:
    if (buf)

When buf is NULL, it is used on line 151:
    len += strlcpy(buf + len, parent_str, ...)
and line 158:
    len += strlcpy(buf + len, "/", ...)
and line 160:
    len += strlcpy(buf + len, kn->name, ...)

Thus, possible null-pointer dereferences may occur.

To fix these possible bugs, buf is checked before being used.
If it is NULL, -EINVAL is returned.

These bugs are found by a static analysis tool STCheck written by us.

Signed-off-by: Jia-Ju Bai <baijiaju1990@gmail.com>
Link: https://lore.kernel.org/r/20190724022242.27505-1-baijiaju1990@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/kernfs/dir.c