[PATCH v2] block: register_blkdev doesn't check name against NULL

From: Vaughan Cao
Date: Tue Sep 10 2013 - 22:21:46 EST


register_blkdev(0, NULL) can result kernel Oops by copying from NULL
in strlcpy(). Fix it by checking NULL pointer at the beginning and
WARN when encountered in unregister_blkdev.

Signed-off-by: Vaughan Cao <vaughan.cao@xxxxxxxxxx>
---
block/genhd.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/block/genhd.c b/block/genhd.c
index dadf42b..cca13e9 100644
--- a/block/genhd.c
+++ b/block/genhd.c
@@ -287,6 +287,9 @@ int register_blkdev(unsigned int major, const char *name)
struct blk_major_name **n, *p;
int index, ret = 0;

+ if (!name)
+ return -EINVAL;
+
mutex_lock(&block_class_lock);

/* temporary */
@@ -348,7 +351,7 @@ void unregister_blkdev(unsigned int major, const char *name)
for (n = &major_names[index]; *n; n = &(*n)->next)
if ((*n)->major == major)
break;
- if (!*n || strcmp((*n)->name, name)) {
+ if (!*n || !name || strcmp((*n)->name, name)) {
WARN_ON(1);
} else {
p = *n;
--
1.8.3.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/