Whenever a mount has an empty "source" (aka mnt_fsname), the glibc
function getmntent incorrectly parses its input, resulting in reporting
incorrect data to the caller.
The problem is that the get_mnt_entry() function in glibc's
misc/mntent_r.c assumes that leading whitespace on a line can always
be discarded because it will always be followed by a # for the case
of a comment or a non-whitespace character that's part of the value
of the first field. However, this assumption is violated when the
value of the first field is an empty string.
This is fixed in the mount API code by simply checking for a pointer
that contains a NULL and treating it as a NULL pointer.
Changes:
v3: added patch to fix zero length string access violation caused after
fs parser patch is applied.
v2: fix possible oops if conversion functions such as fs_param_is_u32()
are called.
Signed-off-by: Ian Kent <raven@xxxxxxxxxx>
---
Ian Kent (2):
ext4: fix possible null pointer dereference
vfs: parse: deal with zero length string value
fs/ext4/super.c | 4 ++--
fs/fs_context.c | 17 ++++++++++++-----
fs/fs_parser.c | 16 ++++++++++++++++
include/linux/fs_context.h | 3 ++-
4 files changed, 32 insertions(+), 8 deletions(-)
--
Ian
