[RHEL7,COMMIT] fs/fuse kio: set NULL to stat->kio_stat in failure case

Submitted by Konstantin Khorenko on July 5, 2019, 7:48 a.m.

Details

Message ID 201907050748.x657m8RK010646@finist-ce7.sw.ru
State New
Series "fs/fuse kio: set NULL to stat->kio_stat in failure case"

Commit Message

Konstantin Khorenko July 5, 2019, 7:48 a.m.
The commit is pushed to "branch-rh7-3.10.0-957.21.3.vz7.106.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-957.21.3.vz7.106.4
------>
commit dadb4e59ebe7997df2dffceb0b83e598b05dacf3
Author: Pavel Butsykin <pbutsykin@virtuozzo.com>
Date:   Fri Jul 5 10:48:08 2019 +0300

    fs/fuse kio: set NULL to stat->kio_stat in failure case
    
    At the beginning of the initialization, 'stat' struct may contain garbage, so
    if pcs_fuse_stat_init() fails before stat->kio_stat field is initialized, there
    may be garbage in stat->kio_stat, which can lead to a crash due to an invalid
    address access.
    
    Signed-off-by: Pavel Butsykin <pbutsykin@virtuozzo.com>
---
 fs/fuse/kio/pcs/fuse_stat.c | 1 +
 1 file changed, 1 insertion(+)


diff --git a/fs/fuse/kio/pcs/fuse_stat.c b/fs/fuse/kio/pcs/fuse_stat.c
index 25d5572d6061..b57be607f5e1 100644
--- a/fs/fuse/kio/pcs/fuse_stat.c
+++ b/fs/fuse/kio/pcs/fuse_stat.c
@@ -842,6 +842,7 @@  void pcs_fuse_stat_init(struct pcs_fuse_stat *stat)
 fail2:
 	pcs_fuse_io_stat_free(&stat->io);
 fail1:
+	stat->kio_stat = NULL;
 	mutex_unlock(&fuse_mutex);
 }
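
Review bot: the NULL assignment under fail1 is also reached by fall-through from fail2, so please confirm that no path jumping to fail2 has already stored a live pointer in stat->kio_stat; if one has, this line drops the pointer without releasing it. Since the commit message says 'stat' may contain garbage on entry, clearing stat->kio_stat (or zeroing the struct) at the top of pcs_fuse_stat_init() would cover every exit path rather than only the labelled ones, and would protect any other field that a caller might read after a failure. The function returns void, so a NULL kio_stat is the only failure signal a caller gets; a short comment at fail1 stating that callers must check stat->kio_stat before using it would make that contract explicit.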