[PATCH -next 0/5] fs: fix possible null-ptr-deref when parsing param

From: Hawkins Jiawei
Date: Sun Oct 23 2022 - 12:40:37 EST


According to commit "vfs: parse: deal with zero length string value",
kernel will set the param->string to null pointer in vfs_parse_fs_string()
if fs string has zero length.

Yet the problem is that, when fs parses its mount parameters, it will
dereference the param->string, without checking whether it is a
null pointer, which may trigger a null-ptr-deref bug.

So this patchset reviews all functions for fs to parse parameters,
by using `git grep -n "\.parse_param" fs/*`, and adds sanity check
on param->string if its function will dereference param->string
without check.

Hawkins Jiawei (5):
  smb3: fix possible null-ptr-deref when parsing param
  nfs: fix possible null-ptr-deref when parsing param
  ceph: fix possible null-ptr-deref when parsing param
  gfs2: fix possible null-ptr-deref when parsing param
  proc: fix possible null-ptr-deref when parsing param

 fs/ceph/super.c      |  3 +++
 fs/cifs/fs_context.c | 58 +++++++++++++++++++++++++++++++++++++++++++-
 fs/gfs2/ops_fstype.c | 10 ++++++++
 fs/nfs/fs_context.c  |  6 +++++
 fs/proc/root.c       |  3 +++
 5 files changed, 79 insertions(+), 1 deletion(-)

--
2.25.1
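
The pattern described in the cover letter, as an added userspace model in C (not code from this patchset or from the kernel). The struct, the function names and the "mode" option are hypothetical stand-ins; only the behaviour "zero-length value leaves the string pointer NULL" is taken from the message above.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the fields of the kernel parameter used here. */
struct fs_param_model {
    const char *key;
    const char *string;   /* NULL when the option value had zero length */
    size_t size;
};

/* Models the behaviour the cover letter attributes to vfs_parse_fs_string():
 * a zero-length value leaves ->string as a null pointer. */
static void model_parse_string(struct fs_param_model *p, const char *key,
                               const char *value, size_t v_size)
{
    p->key = key;
    p->size = v_size;
    p->string = v_size ? value : NULL;
}

/* Hypothetical per-filesystem option handler with the sanity check in place.
 * Without the NULL test, the strcmp() calls on ->string would dereference
 * a null pointer for an option such as "mode=" (empty value). */
static int model_parse_param(const struct fs_param_model *p, int *mode_out)
{
    if (strcmp(p->key, "mode") != 0)
        return -EINVAL;            /* unknown option in this model */
    if (!p->string)
        return -EINVAL;            /* reject the empty value up front */
    if (strcmp(p->string, "strict") == 0)  { *mode_out = 1; return 0; }
    if (strcmp(p->string, "relaxed") == 0) { *mode_out = 0; return 0; }
    return -EINVAL;
}

/* Runs one constructed key/value pair through both steps. */
static int model_mount_option(const char *key, const char *value, int *mode_out)
{
    struct fs_param_model p;
    model_parse_string(&p, key, value, strlen(value));
    return model_parse_param(&p, mode_out);
}

int main(void)
{
    int mode = -1;
    printf("mode=strict -> %d\n", model_mount_option("mode", "strict", &mode));
    printf("mode=       -> %d\n", model_mount_option("mode", "", &mode));
    return 0;
}
```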