From: Su Hui suhui@nfschina.com

stable inclusion from stable-v4.19.295 commit 35f0749756b848ad4f4a165ad6b1dfa8d0e45a96 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I8E5Q5 CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=...

--------------------------------

[ Upstream commit de8d38cf44bac43e83bad28357ba84784c412752 ]

clang's static analysis warning: fs/lockd/mon.c: line 293, column 2: Null pointer passed as 2nd argument to memory copy function.

Assuming 'hostname' is NULL and calling 'nsm_create_handle()', this will pass NULL as 2nd argument to memory copy function 'memcpy()'. So return NULL if 'hostname' is invalid.

Fixes: 77a3ef33e2de ("NSM: More clean up of nsm_get_handle()") Signed-off-by: Su Hui suhui@nfschina.com Reviewed-by: Nick Desaulniers ndesaulniers@google.com Reviewed-by: Jeff Layton jlayton@kernel.org Signed-off-by: Chuck Lever chuck.lever@oracle.com Signed-off-by: Sasha Levin sashal@kernel.org Signed-off-by: ZhaoLong Wang wangzhaolong1@huawei.com --- fs/lockd/mon.c | 3 +++ 1 file changed, 3 insertions(+)

diff --git a/fs/lockd/mon.c b/fs/lockd/mon.c index 654594ef4f94..68a2eac548c3 100644 --- a/fs/lockd/mon.c +++ b/fs/lockd/mon.c @@ -275,6 +275,9 @@ static struct nsm_handle *nsm_create_handle(const struct sockaddr *sap, { struct nsm_handle *new;

+ if (!hostname) + return NULL; + new = kzalloc(sizeof(*new) + hostname_len + 1, GFP_KERNEL); if (unlikely(new == NULL)) return NULL;