diff options
author | Zhiqiang Liu <liuzhiqiang26@huawei.com> | 2021-06-30 16:27:20 +0800 |
---|---|---|
committer | Theodore Ts'o <tytso@mit.edu> | 2021-07-15 23:43:37 -0400 |
commit | f9033bd2e82c6f5963034cd59f7273770374b598 (patch) | |
tree | 89fe2dc162451b9b506fde9f3197fa50ff001845 | |
parent | a61bc9e009b4b829f61f1717753b4ee0882d9aba (diff) | |
download | e2fsprogs-f9033bd2e82c6f5963034cd59f7273770374b598.tar.gz |
misc: fix potential segmentation fault problem in scandir()
In scandir(), temp_list[num_dent] is allocated by calling
malloc(), we should check whether malloc() returns NULL before
accessing temp_list[num_dent].
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: Wu Guanghao <wuguanghao3@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
-rw-r--r-- | misc/create_inode.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/misc/create_inode.c b/misc/create_inode.c index d62e1cb4f..c00d54588 100644 --- a/misc/create_inode.c +++ b/misc/create_inode.c @@ -771,6 +771,8 @@ static int scandir(const char *dir_name, struct dirent ***name_list, } // add the copy of dirent to the list temp_list[num_dent] = (struct dirent*)malloc((dent->d_reclen + 3) & ~3); + if (!temp_list[num_dent]) + goto out; memcpy(temp_list[num_dent], dent, dent->d_reclen); num_dent++; } |