| Message ID | 1242665704-9566-1-git-send-email-jlayton@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
Jeff Layton <jlayton@redhat.com> writes: > This is a respin of the patch posted yesterday. It includes a fix for > a bogus NULL pointer check that Jeff Moyer spotted. > > It's possible for CIFSSMBQueryUnixSymLink to return without setting > target_path to a valid pointer. If that happens then the current > value to which we're initializing this pointer could cause an oops > when it's kfree'd. > > CIFSSMBQueryUnixSymLink also has an incorrect NULL pointer check. > Thanks to Jeff Moyer for pointing that out. > > Reported-by: Jeff Moyer <jmoyer@redhat.com> > Signed-off-by: Jeff Layton <jlayton@redhat.com> Reviewed-by: Jeff Moyer <jmoyer@redhat.com>
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c index 5759ba5..d062602 100644 --- a/fs/cifs/cifssmb.c +++ b/fs/cifs/cifssmb.c @@ -2475,7 +2475,7 @@ querySymLinkRetry: /* BB FIXME investigate remapping reserved chars here */ *symlinkinfo = cifs_strndup_from_ucs(data_start, count, is_unicode, nls_codepage); - if (!symlinkinfo) + if (!*symlinkinfo) rc = -ENOMEM; } } diff --git a/fs/cifs/link.c b/fs/cifs/link.c index ea9d11e..b103164 100644 --- a/fs/cifs/link.c +++ b/fs/cifs/link.c @@ -110,7 +110,7 @@ cifs_follow_link(struct dentry *direntry, struct nameidata *nd) int rc = -EACCES; int xid; char *full_path = NULL; - char *target_path = ERR_PTR(-ENOMEM); + char *target_path = NULL; struct cifs_sb_info *cifs_sb; struct cifsTconInfo *pTcon;
This is a respin of the patch posted yesterday. It includes a fix for a bogus NULL pointer check that Jeff Moyer spotted. It's possible for CIFSSMBQueryUnixSymLink to return without setting target_path to a valid pointer. If that happens then the current value to which we're initializing this pointer could cause an oops when it's kfree'd. CIFSSMBQueryUnixSymLink also has an incorrect NULL pointer check. Thanks to Jeff Moyer for pointing that out. Reported-by: Jeff Moyer <jmoyer@redhat.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> --- fs/cifs/cifssmb.c | 2 +- fs/cifs/link.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)