--- Subject: [PATCH] eCryptfs: NULL crypt_stat dereference during lookup If ecryptfs_encrypted_view or ecryptfs_xattr_metadata were being specified as mount options, a NULL pointer dereference was possible during lookup.
This patch moves the crypt_stat assignment into ecryptfs_lookup_and_interpose_lower(), ensuring that crypt_stat will not be NULL before we attempt to dereference it. Thanks to Dan Carpenter and his static analysis tool, smatch, for finding this bug. Signed-off-by: Tyler Hicks <[email protected]> --- Sent upstream: http://thread.gmane.org/gmane.linux.kernel/809706 ** Attachment added: "[PATCH] eCryptfs: NULL crypt_stat dereference during lookup" http://launchpadlibrarian.net/24142245/0002-eCryptfs-NULL-crypt_stat-dereference-during-lookup.patch ** Changed in: ecryptfs Importance: Undecided => High Assignee: (unassigned) => Tyler Hicks (tyhicks) Status: New => In Progress ** Also affects: ecryptfs-utils (Ubuntu) Importance: Undecided Status: New -- NULL crypt_stat dereference during lookup https://bugs.launchpad.net/bugs/345766 You received this bug notification because you are a member of eCryptfs, which is subscribed to ecryptfs-utils in ubuntu. Status in eCryptfs - Enterprise Cryptographic Filesystem: In Progress Status in “ecryptfs-utils” source package in Ubuntu: New Bug description: If ecryptfs_encrypted_view or ecryptfs_xattr_metadata is being specified as mount options, a NULL pointer dereference is possible during lookup. Reproduce: --- # mount -t ecryptfs lower upper # touch upper/oops # umout upper # mount -t ecryptfs lower upper -o ecryptfs_encrypted_view # ls upper/ --- You should have seen an oops after running `ls`. _______________________________________________ Mailing list: https://launchpad.net/~ecryptfs Post to : [email protected] Unsubscribe : https://launchpad.net/~ecryptfs More help : https://help.launchpad.net/ListHelp
