Blob Blame History Raw
From 4a92545b8711df405dc804236d66386780696ce1 Mon Sep 17 00:00:00 2001
From: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Date: Wed, 30 Jun 2021 16:27:20 +0800
Subject: [PATCH 31/46] misc: fix potential segmentation fault problem in
 scandir()
Content-Type: text/plain

In scandir(), temp_list[num_dent] is allocated by calling
malloc(), we should check whether malloc() returns NULL before
accessing temp_list[num_dent].

Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
---
 misc/create_inode.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/misc/create_inode.c b/misc/create_inode.c
index 6f8487b9..38f37beb 100644
--- a/misc/create_inode.c
+++ b/misc/create_inode.c
@@ -752,6 +752,8 @@ static int scandir(const char *dir_name, struct dirent ***name_list,
 		}
 		// add the copy of dirent to the list
 		temp_list[num_dent] = (struct dirent*)malloc((dent->d_reclen + 3) & ~3);
+		if (!temp_list[num_dent])
+			goto out;
 		memcpy(temp_list[num_dent], dent, dent->d_reclen);
 		num_dent++;
 	}
-- 
2.35.1