KASAN: null-ptr-deref Read in xattr_getsecurity
Tetsuo Handa
penguin-kernel at I-love.SAKURA.ne.jp
Tue Apr 10 21:00:44 UTC 2018
Eric W. Biederman wrote:
> Tetsuo Handa <penguin-kernel at I-love.SAKURA.ne.jp> writes:
>
> > From 904d07a6eb014f3df0c5a1ebfcfd4323276a9a76 Mon Sep 17 00:00:00 2001
> > From: Tetsuo Handa <penguin-kernel at I-love.SAKURA.ne.jp>
> > Date: Tue, 10 Apr 2018 15:15:16 +0900
> > Subject: [PATCH] commoncap: Handle memory allocation failure.
> >
> > syzbot is reporting NULL pointer dereference at xattr_getsecurity() [1],
> > for cap_inode_getsecurity() is returning sizeof(struct vfs_cap_data) when
> > memory allocation failed. Return -ENOMEM if memory allocation failed.
> >
> > [1] https://syzkaller.appspot.com/bug?id=a55ba438506fe68649a5f50d2d82d56b365e0107
>
> Acked-by: "Eric W. Biederman" <ebiederm at xmission.com>
>
> Tetsuo I can pick this up, or do you have preferred path for getting
> this change merged?
I don't have preferred path. You can pick this up. Thanks.
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list