|
 |
b7f731 |
From 75dd32a185871fead13cd3586e00980b35410ff0 Mon Sep 17 00:00:00 2001
|
|
|
b7f731 |
From: Zhilong Liu <zlliu@suse.com>
|
|
|
b7f731 |
Date: Mon, 20 Mar 2017 13:21:41 +0800
|
|
|
b7f731 |
Subject: [RHEL7.5 PATCH 014/169] mdadm/Monitor: Fix NULL pointer
|
|
|
b7f731 |
dereference when stat2devnm return NULL
|
|
|
b7f731 |
|
|
|
b7f731 |
Wait(): stat2devnm() returns NULL for non block devices. Check the
|
|
|
b7f731 |
pointer is valid derefencing it. This can happen when using --wait,
|
|
|
b7f731 |
such as the 'f' and 'd' file type, causing a core dump.
|
|
|
b7f731 |
such as: ./mdadm --wait /dev/md/
|
|
|
b7f731 |
|
|
|
b7f731 |
Reviewed-by: NeilBrown <neilb@suse.com>
|
|
|
b7f731 |
Signed-off-by: Zhilong Liu <zlliu@suse.com>
|
|
|
b7f731 |
Signed-off-by: Jes Sorensen <Jes.Sorensen@gmail.com>
|
|
|
b7f731 |
---
|
|
|
b7f731 |
Monitor.c | 8 +++++++-
|
|
|
b7f731 |
1 file changed, 7 insertions(+), 1 deletion(-)
|
|
|
b7f731 |
|
|
|
b7f731 |
diff --git a/Monitor.c b/Monitor.c
|
|
|
b7f731 |
index 802a9d9..bdd3e63 100644
|
|
|
b7f731 |
--- a/Monitor.c
|
|
|
b7f731 |
+++ b/Monitor.c
|
|
|
b7f731 |
@@ -994,6 +994,7 @@ int Wait(char *dev)
|
|
|
b7f731 |
{
|
|
|
b7f731 |
struct stat stb;
|
|
|
b7f731 |
char devnm[32];
|
|
|
b7f731 |
+ char *tmp;
|
|
|
b7f731 |
int rv = 1;
|
|
|
b7f731 |
int frozen_remaining = 3;
|
|
|
b7f731 |
|
|
|
b7f731 |
@@ -1002,7 +1003,12 @@ int Wait(char *dev)
|
|
|
b7f731 |
strerror(errno));
|
|
|
b7f731 |
return 2;
|
|
|
b7f731 |
}
|
|
|
b7f731 |
- strcpy(devnm, stat2devnm(&stb));
|
|
|
b7f731 |
+ tmp = stat2devnm(&stb;;
|
|
|
b7f731 |
+ if (!tmp) {
|
|
|
b7f731 |
+ pr_err("%s is not a block device.\n", dev);
|
|
|
b7f731 |
+ return 2;
|
|
|
b7f731 |
+ }
|
|
|
b7f731 |
+ strcpy(devnm, tmp);
|
|
|
b7f731 |
|
|
|
b7f731 |
while(1) {
|
|
|
b7f731 |
struct mdstat_ent *ms = mdstat_read(1, 0);
|
|
|
b7f731 |
--
|
|
|
b7f731 |
2.7.4
|
|
|
b7f731 |
|