Blame SOURCES/0024-fs-ntfs3-Potential-NULL-dereference-in-hdr_find_spli.patch
|
Kmods SIG |
63c143 |
From 8c83a4851da1c7eda83098ade238665b15774da3 Mon Sep 17 00:00:00 2001
|
|
Kmods SIG |
63c143 |
From: Dan Carpenter <dan.carpenter@oracle.com>
|
|
Kmods SIG |
63c143 |
Date: Tue, 24 Aug 2021 10:50:15 +0300
|
|
Kmods SIG |
63c143 |
Subject: [Backport 8c83a4851da1] src: Potential NULL dereference in
|
|
Kmods SIG |
63c143 |
hdr_find_split()
|
|
Kmods SIG |
63c143 |
|
|
Kmods SIG |
63c143 |
The "e" pointer is dereferenced before it has been checked for NULL.
|
|
Kmods SIG |
63c143 |
Move the dereference after the NULL check to prevent an Oops.
|
|
Kmods SIG |
63c143 |
|
|
Kmods SIG |
63c143 |
Fixes: 82cae269cfa9 ("src: Add initialization of super block")
|
|
Kmods SIG |
63c143 |
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
|
|
Kmods SIG |
63c143 |
Reviewed-by: Kari Argillander <kari.argillander@gmail.com>
|
|
Kmods SIG |
63c143 |
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
|
|
Kmods SIG |
63c143 |
---
|
|
Kmods SIG |
63c143 |
src/index.c | 3 ++-
|
|
Kmods SIG |
63c143 |
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
Kmods SIG |
63c143 |
|
|
Kmods SIG |
63c143 |
diff --git a/src/index.c b/src/index.c
|
|
Kmods SIG |
63c143 |
index 5fb41c9c89100aee4d6d0e8f7cf65556aec11250..f4729aa50671f27de961305744b3839588696108 100644
|
|
Kmods SIG |
63c143 |
--- a/src/index.c
|
|
Kmods SIG |
63c143 |
+++ b/src/index.c
|
|
Kmods SIG |
63c143 |
@@ -557,11 +557,12 @@ static const struct NTFS_DE *hdr_find_split(const struct INDEX_HDR *hdr)
|
|
Kmods SIG |
63c143 |
size_t o;
|
|
Kmods SIG |
63c143 |
const struct NTFS_DE *e = hdr_first_de(hdr);
|
|
Kmods SIG |
63c143 |
u32 used_2 = le32_to_cpu(hdr->used) >> 1;
|
|
Kmods SIG |
63c143 |
- u16 esize = le16_to_cpu(e->size);
|
|
Kmods SIG |
63c143 |
+ u16 esize;
|
|
Kmods SIG |
63c143 |
|
|
Kmods SIG |
63c143 |
if (!e || de_is_last(e))
|
|
Kmods SIG |
63c143 |
return NULL;
|
|
Kmods SIG |
63c143 |
|
|
Kmods SIG |
63c143 |
+ esize = le16_to_cpu(e->size);
|
|
Kmods SIG |
63c143 |
for (o = le32_to_cpu(hdr->de_off) + esize; o < used_2; o += esize) {
|
|
Kmods SIG |
63c143 |
const struct NTFS_DE *p = e;
|
|
Kmods SIG |
63c143 |
|
|
Kmods SIG |
63c143 |
--
|
|
Kmods SIG |
63c143 |
2.31.1
|
|
Kmods SIG |
63c143 |
|