debugfs: check for NULL pointer in debugfs_create_str()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Passing a NULL pointer to debugfs_create_str() leads to a NULL pointer
dereference when the debugfs file is read. Following upstream
discussions, forbid the creation of debugfs string files with NULL
pointers. Add a WARN_ON() to expose offending callers and return early.

Fixes: 9af0440ec86e ("debugfs: Implement debugfs_create_str()")
Reported-by: yangshiguang <yangshiguang@xiaomi.com>
Closes: https://lore.kernel.org/lkml/2025122221-gag-malt-75ba@gregkh/
Suggested-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Gui-Dong Han <hanguidong02@gmail.com>
Link: https://patch.msgid.link/20260323085930.88894-2-hanguidong02@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

authored by

Gui-Dong Han and committed by

Greg Kroah-Hartman 2 months ago 31de8398 56e3ee72

+4 -1

1 changed file

expand all

debugfs

file.c

+4 -1

fs/debugfs/file.c

··· 1127 1127 * directory dentry if set. If this parameter is %NULL, then the 1128 1128 * file will be created in the root of the debugfs filesystem. 1129 1129 * @value: a pointer to the variable that the file should read to and write 1130 - * from. 1130 + * from. This pointer and the string it points to must not be %NULL. 1131 1131 * 1132 1132 * This function creates a file in debugfs with the given name that 1133 1133 * contains the value of the variable @value. If the @mode variable is so ··· 1136 1136 void debugfs_create_str(const char *name, umode_t mode, 1137 1137 struct dentry *parent, char **value) 1138 1138 { 1139 + if (WARN_ON(!value || !*value)) 1140 + return; 1141 + 1139 1142 debugfs_create_mode_unsafe(name, mode, parent, value, &fops_str, 1140 1143 &fops_str_ro, &fops_str_wo); 1141 1144 }

Configure Feed

Configure Feed