Would it make more sense to actually check for failure on allocation rather than try to remember to deal with it later? How about we just have audit_log_kern_module return an error and fail if we are OOM? (also this seems like a good place to use kstrdup, instead of kmalloc+strcpy)
On Tue, 2018-07-24 at 13:57 +0800, Yi Wang wrote: > The variable 'context->module.name' may be null pointer when > kmalloc return null, so it's better to check it before using > to avoid null dereference. > > Signed-off-by: Yi Wang <[email protected]> > Reviewed-by: Jiang Biao <[email protected]> > --- > kernel/auditsc.c | 11 ++++++++--- > 1 file changed, 8 insertions(+), 3 deletions(-) > > diff --git a/kernel/auditsc.c b/kernel/auditsc.c > index e80459f..4830b83 100644 > --- a/kernel/auditsc.c > +++ b/kernel/auditsc.c > @@ -1272,8 +1272,12 @@ static void show_special(struct audit_context > *context, int *call_panic) > break; > case AUDIT_KERN_MODULE: > audit_log_format(ab, "name="); > - audit_log_untrustedstring(ab, context->module.name); > - kfree(context->module.name); > + if (context->module.name) { > + audit_log_untrustedstring(ab, context- > >module.name); > + kfree(context->module.name); > + } else > + audit_log_format(ab, "(null)"); > + > break; > } > audit_log_end(ab); > @@ -2409,7 +2413,8 @@ void __audit_log_kern_module(char *name) > struct audit_context *context = current->audit_context; > > context->module.name = kmalloc(strlen(name) + 1, GFP_KERNEL); > - strcpy(context->module.name, name); > + if (context->module.name) > + strcpy(context->module.name, name); > context->type = AUDIT_KERN_MODULE; > } > -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
