[linux-cifs-client] NULL deref cifs_unlink()
Dan Carpenter
error27 at gmail.com
Wed Feb 25 09:25:18 GMT 2009
This is from fs/cifs/inode.c.
attrs is only allocated on line 1011 and then it hits the goto
retry_std_delete. So on line 1035 it is always NULL and
cifs_set_file_info() dereferences it without checking.

1030 			goto retry_std_delete;
1031 	}
1032
1033 	/* undo the setattr if we errored out and it's needed */
1034 	if (rc != 0 && dosattr != 0)
1035 		cifs_set_file_info(inode, attrs, xid, full_path, origattr);
1036
1037 out_reval:

regards,
dan carpenter