Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp3544846rwb; Tue, 20 Sep 2022 00:52:58 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7xiNGckQRfcKXjZlcZ8/k6Ux1u2WqR7nu5VUyhOksqQBzOH9p2AUni5Q2T+rhQGISE/lpp X-Received: by 2002:a05:6a00:150c:b0:545:cdc2:94e5 with SMTP id q12-20020a056a00150c00b00545cdc294e5mr22178269pfu.37.1663660377948; Tue, 20 Sep 2022 00:52:57 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1663660377; cv=none; d=google.com; s=arc-20160816; b=J/inaP1FT0DWIjEEgOQ0dmeODb2X6RDA3szdqUYakvz8NLIWED5NGNNfVovjyNaZe5 MNeyKy3UI/WeeEwOzLeDitxhSUIexYsWy9cLY3QfmlbjiE9shxpPreuCGyaadEjXEO6Y dCi6ljJOsD0ZHjwB4QH5jIXtKP7jCUZI961JaoEZQ9Y+lYxilccZ51/oFmB0JL0rJoN8 RBTSlZIsIGdQuc8OJOkTEt4zaQ4y406mi9/mCZ2wFKat99dF5sH+RJf8GI4psBJWAviV eEA+SM2dk8hYAjQEvRWdoF4Bz0OyDlvtuj5zNLdXl3WlBcb6+E94YyeLuFyy5RUvx2hp E69Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:message-id:date:cc:to:from:subject; bh=DcUOQHELMf87QkESERIXeeHLvLLfJsQiiH7de2ROcSM=; b=hiVadmI/sjz894MtMtTXahSpRXTNtTl2VjzbO6Ew/wxd+Z7bvta/wrhQiDMkX9+Frw Do0CfIdIxix8MYJkVdnGFZWDqDmH9sP3peUZ/GMjHGbUyXfQAv05TZBAZ2bfB9tQ0UJX vXYFZLTl370znMxz2AyaM4UtSxXa/xj1MPLKWGjjMVdCLw/vdJEpdFB9uuZ4e58f5bsA qgEODMAqTDWgv4lbk7nSmRlK/YWJ7NE/8pTXsvMlnavqrUTseA4HUsZkynTwoAHVvuPr Wzlmsb2n1wmEIiDN8oS5AHTeRZA7Up7PnnJOKIa5mlOOqDWynwFvTGUv6a7lK4nE8l5s hzhQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id z14-20020a056a00240e00b0054bc5e48345si962268pfh.286.2022.09.20.00.52.45; Tue, 20 Sep 2022 00:52:57 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230102AbiITHfT (ORCPT + 99 others); Tue, 20 Sep 2022 03:35:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41650 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229911AbiITHfI (ORCPT ); Tue, 20 Sep 2022 03:35:08 -0400 X-Greylist: delayed 520 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Tue, 20 Sep 2022 00:35:05 PDT Received: from smtp01.aussiebb.com.au (smtp01.aussiebb.com.au [121.200.0.92]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8669D286E9; Tue, 20 Sep 2022 00:35:04 -0700 (PDT) Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp01.aussiebb.com.au (Postfix) with ESMTP id 0B304100392; Tue, 20 Sep 2022 17:26:20 +1000 (AEST) X-Virus-Scanned: Debian amavisd-new at smtp01.aussiebb.com.au Received: from smtp01.aussiebb.com.au ([127.0.0.1]) by localhost (smtp01.aussiebb.com.au [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bqzabNvPKfwb; Tue, 20 Sep 2022 17:26:20 +1000 (AEST) Received: by smtp01.aussiebb.com.au (Postfix, from userid 116) id F1BD6100562; Tue, 20 Sep 2022 17:26:19 +1000 (AEST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 Received: from donald.themaw.net (180-150-90-198.b4965a.per.nbn.aussiebb.net [180.150.90.198]) by smtp01.aussiebb.com.au (Postfix) with ESMTP id C617810026B; Tue, 20 Sep 2022 17:26:17 +1000 (AEST) Subject: [REPOST PATCH v3 0/2] vfs: fix a mount table handling problem From: Ian Kent To: Al Viro Cc: Andrew Morton , Siddhesh Poyarekar , David Howells , Miklos Szeredi , Carlos Maiolino , linux-fsdevel , Kernel Mailing List Date: Tue, 20 Sep 2022 15:26:17 +0800 Message-ID: <166365872189.39016.10771273319597352356.stgit@donald.themaw.net> User-Agent: StGit/1.1 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Whenever a mount has an empty "source" (aka mnt_fsname), the glibc function getmntent incorrectly parses its input, resulting in reporting incorrect data to the caller. The problem is that the get_mnt_entry() function in glibc's misc/mntent_r.c assumes that leading whitespace on a line can always be discarded because it will always be followed by a # for the case of a comment or a non-whitespace character that's part of the value of the first field. However, this assumption is violated when the value of the first field is an empty string. This is fixed in the mount API code by simply checking for a pointer that contains a NULL and treating it as a NULL pointer. Changes: v3: added patch to fix zero length string access violation caused after fs parser patch is applied. v2: fix possible oops if conversion functions such as fs_param_is_u32() are called. Signed-off-by: Ian Kent --- Ian Kent (2): ext4: fix possible null pointer dereference vfs: parse: deal with zero length string value fs/ext4/super.c | 4 ++-- fs/fs_context.c | 17 ++++++++++++----- fs/fs_parser.c | 16 ++++++++++++++++ include/linux/fs_context.h | 3 ++- 4 files changed, 32 insertions(+), 8 deletions(-) -- Ian