This is a note to let you know that I've just added the patch titled
ASN.1: Fix check for strdup() success
to the 5.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
asn.1-fix-check-for-strdup-success.patch
and it can be found in the queue-5.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From 5a43001c01691dcbd396541e6faa2c0077378f48 Mon Sep 17 00:00:00 2001
From: Ekaterina Orlova <vorobushek.ok@xxxxxxxxx>
Date: Fri, 21 Apr 2023 15:35:39 +0100
Subject: ASN.1: Fix check for strdup() success
From: Ekaterina Orlova <vorobushek.ok@xxxxxxxxx>
commit 5a43001c01691dcbd396541e6faa2c0077378f48 upstream.
It seems there is a misprint in the check of strdup() return code that
can lead to NULL pointer dereference.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 4520c6a49af8 ("X.509: Add simple ASN.1 grammar compiler")
Signed-off-by: Ekaterina Orlova <vorobushek.ok@xxxxxxxxx>
Cc: David Woodhouse <dwmw2@xxxxxxxxxxxxx>
Cc: James Bottomley <jejb@xxxxxxxxxxxxx>
Cc: Jarkko Sakkinen <jarkko@xxxxxxxxxx>
Cc: keyrings@xxxxxxxxxxxxxxx
Cc: linux-kbuild@xxxxxxxxxxxxxxx
Link: https://lore.kernel.org/r/20230315172130.140-1-vorobushek.ok@xxxxxxxxx/
Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
scripts/asn1_compiler.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/scripts/asn1_compiler.c
+++ b/scripts/asn1_compiler.c
@@ -625,7 +625,7 @@ int main(int argc, char **argv)
p = strrchr(argv[1], '/');
p = p ? p + 1 : argv[1];
grammar_name = strdup(p);
- if (!p) {
+ if (!grammar_name) {
perror(NULL);
exit(1);
}
Patches currently in stable-queue which might be from vorobushek.ok@xxxxxxxxx are
queue-5.4/asn.1-fix-check-for-strdup-success.patch
