Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp6868879imm; Tue, 24 Jul 2018 04:41:15 -0700 (PDT) X-Google-Smtp-Source: AAOMgpejHueAS6QCDbcbQqaYH6YoJdXrXdxD33oN3UcDdLvJu9V70m45YkZFbBwzXvEkouupHRRX X-Received: by 2002:a17:902:8a8e:: with SMTP id p14-v6mr16625083plo.213.1532432475353; Tue, 24 Jul 2018 04:41:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1532432475; cv=none; d=google.com; s=arc-20160816; b=n44eeJMh3LMX3MDPtDj5WdyCHtvtkowIqMq3hfRX9Lze3N74CtUXHBixOLdsEshvUc 92JGP5yOlNdB62dgNS3DgzRyF/embkY0ErOETX6ufY1kczLJ6MF2qwuz4lFNbhfrlUxX hIineg2TowYEnmmteO11Z+Lm7pnOttF+poXigsswVXJQqQM88IIOktMKAHmNsKouTGn0 crakrjMnRqR+4tyrLu4NYDIXnW/+AjNrpSBxi6TIAS1gmvLmVRbz3S8dZLOTnXgR+Omh nrGy3KS5oSmERhLr3e/RKIE8jwZugtXqFyA4s+jn4fsnqgJpi25/wVv2Dm2iUCie4FUc epVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:date:cc:to:from:subject:message-id :arc-authentication-results; bh=dJwOFtRGQWlgwZIz/2BFU2yKjyGkGRo6VHtkkEuEqKc=; b=bg28OOqo/NhXxBrU90PuVxkVdXkffakGybCMWOTKdoz3oqXxCVPOQuwivcxoDFH/i8 mvcwwkA+Q+4096/ktHctzH207RafbI1AEIKD4e/KxpBhHNHrqOYyJ2w3klu30bA80jnt F7jP1AjkCnuhnLOrfsKBPrg+ASDX7H9lGwFIKSlPP8+9861sB9DX5y2YcN1fjJR4Al2E XhA4HXYcDXpWE1LgsbOreERpnieeu0mzkfg6e4MAh617qAc8LzC6OSSn8Ib7ZQ0xoSYX PFcZMcJu6WgXrf+vn50p7wQU9r91684I24fR3+c+ufeq1MiXNscencnnIL67XpYCaO65 iq+Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id w9-v6si1104193plz.413.2018.07.24.04.41.00; Tue, 24 Jul 2018 04:41:15 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388275AbeGXMpg (ORCPT + 99 others); Tue, 24 Jul 2018 08:45:36 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:39254 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S2388196AbeGXMpg (ORCPT ); Tue, 24 Jul 2018 08:45:36 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id B69B8401EF05; Tue, 24 Jul 2018 11:39:32 +0000 (UTC) Received: from ovpn-112-24.rdu2.redhat.com (ovpn-112-24.rdu2.redhat.com [10.10.112.24]) by smtp.corp.redhat.com (Postfix) with ESMTP id 02E912026DE8; Tue, 24 Jul 2018 11:39:31 +0000 (UTC) Message-ID: <450ab68cc6b7cebbf1b6292e3140932ea1ac9e57.camel@redhat.com> Subject: Re: [PATCH] audit: fix potential null dereference 'context->module.name' From: Eric Paris To: Yi Wang , paul@paul-moore.com Cc: linux-audit@redhat.com, linux-kernel@vger.kernel.org, jiang.biao2@zte.com.cn, zhong.weidong@zte.com.cn Date: Tue, 24 Jul 2018 07:39:31 -0400 In-Reply-To: <1532411834-33775-1-git-send-email-wang.yi59@zte.com.cn> References: <1532411834-33775-1-git-send-email-wang.yi59@zte.com.cn> Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 24 Jul 2018 11:39:32 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 24 Jul 2018 11:39:32 +0000 (UTC) for IP:'10.11.54.4' DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'eparis@redhat.com' RCPT:'' Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Would it make more sense to actually check for failure on allocation rather than try to remember to deal with it later? How about we just have audit_log_kern_module return an error and fail if we are OOM? (also this seems like a good place to use kstrdup, instead of kmalloc+strcpy) On Tue, 2018-07-24 at 13:57 +0800, Yi Wang wrote: > The variable 'context->module.name' may be null pointer when > kmalloc return null, so it's better to check it before using > to avoid null dereference. > > Signed-off-by: Yi Wang > Reviewed-by: Jiang Biao > --- > kernel/auditsc.c | 11 ++++++++--- > 1 file changed, 8 insertions(+), 3 deletions(-) > > diff --git a/kernel/auditsc.c b/kernel/auditsc.c > index e80459f..4830b83 100644 > --- a/kernel/auditsc.c > +++ b/kernel/auditsc.c > @@ -1272,8 +1272,12 @@ static void show_special(struct audit_context > *context, int *call_panic) > break; > case AUDIT_KERN_MODULE: > audit_log_format(ab, "name="); > - audit_log_untrustedstring(ab, context->module.name); > - kfree(context->module.name); > + if (context->module.name) { > + audit_log_untrustedstring(ab, context- > >module.name); > + kfree(context->module.name); > + } else > + audit_log_format(ab, "(null)"); > + > break; > } > audit_log_end(ab); > @@ -2409,7 +2413,8 @@ void __audit_log_kern_module(char *name) > struct audit_context *context = current->audit_context; > > context->module.name = kmalloc(strlen(name) + 1, GFP_KERNEL); > - strcpy(context->module.name, name); > + if (context->module.name) > + strcpy(context->module.name, name); > context->type = AUDIT_KERN_MODULE; > } >