Re: [syzbot] [fs?] BUG: unable to handle kernel NULL pointer dereference in path_from_stashed

From: Edward Adam Davis
Date: Sun Jul 21 2024 - 00:56:39 EST

Next message: syzbot: "Re: [syzbot] [fs?] BUG: unable to handle kernel NULL pointer dereference in path_from_stashed"
Previous message: syzbot: "Re: [syzbot] [bpf?] [net?] KASAN: slab-use-after-free Read in bq_xmit_all"
In reply to: syzbot: "[syzbot] [fs?] BUG: unable to handle kernel NULL pointer dereference in path_from_stashed"
Next in thread: syzbot: "Re: [syzbot] [fs?] BUG: unable to handle kernel NULL pointer dereference in path_from_stashed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

time_ns is null ?

#syz test: upstream 5e0497553643

diff --git a/fs/pidfs.c b/fs/pidfs.c
index c9cb14181def..fdae58eb1d98 100644
--- a/fs/pidfs.c
+++ b/fs/pidfs.c
@@ -168,6 +168,8 @@ static long pidfd_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
case PIDFD_GET_TIME_NAMESPACE:
get_time_ns(nsp->time_ns);
ns_common = to_ns_common(nsp->time_ns);
+ if (!nsp->time_ns)
+ return -EINVAL;
break;
case PIDFD_GET_TIME_FOR_CHILDREN_NAMESPACE:
get_time_ns(nsp->time_ns_for_children);

Next message: syzbot: "Re: [syzbot] [fs?] BUG: unable to handle kernel NULL pointer dereference in path_from_stashed"
Previous message: syzbot: "Re: [syzbot] [bpf?] [net?] KASAN: slab-use-after-free Read in bq_xmit_all"
In reply to: syzbot: "[syzbot] [fs?] BUG: unable to handle kernel NULL pointer dereference in path_from_stashed"
Next in thread: syzbot: "Re: [syzbot] [fs?] BUG: unable to handle kernel NULL pointer dereference in path_from_stashed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]