From 47afd7ae65c737bfef67e9eb1424723d13b06787 Mon Sep 17 00:00:00 2001
From: Yue Hu <huyue2@yulong.com>
Date: Fri, 1 Feb 2019 11:27:32 +0800
Subject: [PATCH] pstore/ram: Add kmsg hlen zero check to
 ramoops_pstore_write()

If zero-length header happened in ramoops_write_kmsg_hdr(), that means
we will not be able to read back dmesg record later, since it will be
treated as invalid header in ramoops_pstore_read(). So we should not
execute the following code but return the error.

Signed-off-by: Yue Hu <huyue2@yulong.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 fs/pstore/ram.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fs/pstore/ram.c b/fs/pstore/ram.c
index d06e2f3e3bec9..ec0e1da0596a5 100644
--- a/fs/pstore/ram.c
+++ b/fs/pstore/ram.c
@@ -425,6 +425,9 @@ static int notrace ramoops_pstore_write(struct pstore_record *record)
 
 	/* Build header and append record contents. */
 	hlen = ramoops_write_kmsg_hdr(prz, record);
+	if (!hlen)
+		return -ENOMEM;
+
 	size = record->size;
 	if (size + hlen > prz->buffer_size)
 		size = prz->buffer_size - hlen;
-- 
GitLab