Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp1687341ybi; Wed, 17 Jul 2019 20:08:30 -0700 (PDT) X-Google-Smtp-Source: APXvYqyovaX+/Dh3bl7oTfSO/qUNCa7iajBQ3CQMQmraI65Y3FrV5a8fg249rqRArL/8tjdxdXs2 X-Received: by 2002:a17:90a:b908:: with SMTP id p8mr48199468pjr.94.1563419309898; Wed, 17 Jul 2019 20:08:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1563419309; cv=none; d=google.com; s=arc-20160816; b=XrjSuu5PvqhJzrKE8pjqBA6rIyl3X8M9UHb90ElfwxVbFzlYsu9W0o7sc5NlhXaBnW Uk8rYwKWosZSQzdLRtfu0dvTIZbQzGUQ/FMnqJVMpMNSacZJM3fLNIreSxs5/WTpyDTm DOOz71fFfEZwxqvcuu0AxaR4hgiMD3AJaR3DTSuIFrZfPb7TVcoFwjqklbuTyWyPIoOg qXy1SCgq/KBmMjszGmn5TQ0mYu7s4ithJIM5TbhDtJTl9UnDT+n8ZSyL3Vy9Ok7J8Hzs 7eCs+3fasYYJaPAbwDfqKH3QjnRgPZQoqt1uGRcmLBHT1DJo+WOaKys08qs/91zUdPYl LmZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=dlb9oOCN+PM2c08BzUAzFaNByuIN+0prdY/TBNIgU4w=; b=vS9Vh1IIEAi6SL1SCTR1igE8LXuxEqmUke2dqFeHZavGT8AapHFvD3S3ZjaIoRLF8o Qxc477jzstG4Nhm4Jrh7TSHE89BZzigUet6oC+CqZvi2I1pvVB0pgRedrswTPLXzOAdQ ewt4pVPeP4moprgbx0FMwaJu6KHXj2wfSKtqz3VzA5FJqNPo47aFzNIIMqx/68QrB/ih RjTtaQHHlaX+bsvJIVFV2ZD71ggRezJOVEdrXvSJ77mJvHcRK2mjVR0bYdMMnWtry92/ 75i0n7YVIPJ/g2ozLJ7FmHTiDtIerftOWNvT+1FJFLYnXUlkiEThQ4BtXpVFMbUgi0Vv 3fsQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=eskZEKCC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a10si1490714pff.277.2019.07.17.20.08.13; Wed, 17 Jul 2019 20:08:29 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=eskZEKCC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389631AbfGRDHK (ORCPT + 99 others); Wed, 17 Jul 2019 23:07:10 -0400 Received: from mail.kernel.org ([198.145.29.99]:38544 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2390345AbfGRDHH (ORCPT ); Wed, 17 Jul 2019 23:07:07 -0400 Received: from localhost (115.42.148.210.bf.2iij.net [210.148.42.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 81824205F4; Thu, 18 Jul 2019 03:07:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1563419227; bh=CU9tKT6KmdY5XkHWOV14uNEe1lBa1UfOHASx6+LfbQ4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=eskZEKCCMxl0XMBMymLl8BbplXVExK9LFenEd8DbvJkoUK3JfJ5dUq+lr+eIjnzKH ZZbVNOLwnki3J6grwZVStyGlYXfv5ZTuhhtncWt/mGT77fCKkkcp/204nufvzuH2jp vyVXXbV0WiO3gFdjP5+0tuf0A34LP1NuXU9GyS6A= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Jerome Marchand , Mike Snitzer , Sasha Levin Subject: [PATCH 4.19 20/47] dm table: dont copy from a NULL pointer in realloc_argv() Date: Thu, 18 Jul 2019 12:01:34 +0900 Message-Id: <20190718030050.388713512@linuxfoundation.org> X-Mailer: git-send-email 2.22.0 In-Reply-To: <20190718030045.780672747@linuxfoundation.org> References: <20190718030045.780672747@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org [ Upstream commit a0651926553cfe7992166432e418987760882652 ] For the first call to realloc_argv() in dm_split_args(), old_argv is NULL and size is zero. Then memcpy is called, with the NULL old_argv as the source argument and a zero size argument. AFAIK, this is undefined behavior and generates the following warning when compiled with UBSAN on ppc64le: In file included from ./arch/powerpc/include/asm/paca.h:19, from ./arch/powerpc/include/asm/current.h:16, from ./include/linux/sched.h:12, from ./include/linux/kthread.h:6, from drivers/md/dm-core.h:12, from drivers/md/dm-table.c:8: In function 'memcpy', inlined from 'realloc_argv' at drivers/md/dm-table.c:565:3, inlined from 'dm_split_args' at drivers/md/dm-table.c:588:9: ./include/linux/string.h:345:9: error: argument 2 null where non-null expected [-Werror=nonnull] return __builtin_memcpy(p, q, size); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/md/dm-table.c: In function 'dm_split_args': ./include/linux/string.h:345:9: note: in a call to built-in function '__builtin_memcpy' Signed-off-by: Jerome Marchand Signed-off-by: Mike Snitzer Signed-off-by: Sasha Levin --- drivers/md/dm-table.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/md/dm-table.c b/drivers/md/dm-table.c index c7fe4789c40e..34ab30dd5de9 100644 --- a/drivers/md/dm-table.c +++ b/drivers/md/dm-table.c @@ -562,7 +562,7 @@ static char **realloc_argv(unsigned *size, char **old_argv) gfp = GFP_NOIO; } argv = kmalloc_array(new_size, sizeof(*argv), gfp); - if (argv) { + if (argv && old_argv) { memcpy(argv, old_argv, *size * sizeof(*argv)); *size = new_size; } -- 2.20.1