Message ID | 20250114032115.58638-1-liuye@kylinos.cn (mailing list archive) |
---|---|
State | New |
Series | selftests/memfd/memfd_test: Fix possible NULL pointer dereference |
On Tue, 14 Jan 2025 11:21:15 +0800 liuye <liuye@kylinos.cn> wrote:

> If name is NULL, a NULL pointer may be accessed in printf. > > ... > > --- a/tools/testing/selftests/memfd/memfd_test.c > +++ b/tools/testing/selftests/memfd/memfd_test.c > @@ -171,7 +171,7 @@ static void mfd_fail_new(const char *name, unsigned int flags) > r = sys_memfd_create(name, flags); > if (r >= 0) { > printf("memfd_create(\"%s\", %u) succeeded, but failure expected\n", > - name, flags); > + name ? name : "NULL", flags); > close(r); > abort();

Well huh. I thought printf() would emit "(null)" in this situation, but my super-sophisticated test case says "core dumped".

#include <stdio.h>
#include <stdlib.h>

int main()
{
	printf("%s\n", (char *)0);
	exit(0);
}
On Tue, Jan 14, 2025 at 11:21:15AM +0800, liuye wrote:

> If name is NULL, a NULL pointer may be accessed in printf. > > Signed-off-by: liuye <liuye@kylinos.cn>

Reviewed-by: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>

> --- > tools/testing/selftests/memfd/memfd_test.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c > index c0c53451a16d..5b993924cc3f 100644 > --- a/tools/testing/selftests/memfd/memfd_test.c > +++ b/tools/testing/selftests/memfd/memfd_test.c > @@ -171,7 +171,7 @@ static void mfd_fail_new(const char *name, unsigned int flags) > r = sys_memfd_create(name, flags); > if (r >= 0) { > printf("memfd_create(\"%s\", %u) succeeded, but failure expected\n", > - name, flags); > + name ? name : "NULL", flags);

Damn, I was going to say 'oh hey we never pass NULL' but in test_create() we explicitly... do. Good spot!

> close(r); > abort(); > } > -- > 2.25.1 >
diff --git a/tools/testing/selftests/memfd/memfd_test.c b/tools/testing/selftests/memfd/memfd_test.c index c0c53451a16d..5b993924cc3f 100644 --- a/tools/testing/selftests/memfd/memfd_test.c +++ b/tools/testing/selftests/memfd/memfd_test.c @@ -171,7 +171,7 @@ static void mfd_fail_new(const char *name, unsigned int flags) r = sys_memfd_create(name, flags); if (r >= 0) { printf("memfd_create(\"%s\", %u) succeeded, but failure expected\n", - name, flags); + name ? name : "NULL", flags); close(r); abort(); }
If name is NULL, a NULL pointer may be accessed in printf. Signed-off-by: liuye <liuye@kylinos.cn> --- tools/testing/selftests/memfd/memfd_test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
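Review bot: In the new argument `name ? name : "NULL"` in mfd_fail_new(), the substituted text lands inside the escaped quotes of the format string, so a NULL name is reported as memfd_create("NULL", flags), which reads the same as a call made with the literal four-character name NULL. Consider a marker that cannot be mistaken for a real name, such as "(null)", or restructuring the message so the NULL case prints without the surrounding quotes. The commit message says only that a NULL pointer "may be accessed"; it would be more useful if it named test_create() as the caller that passes NULL on purpose, as pointed out in the review reply.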