[linux-cifs-client] Re: NULL deref cifs_unlink()
Steve French
smfrench at gmail.com
Wed Feb 25 14:24:08 GMT 2009
I think that this is ok (albeit not easy to read).
dosattr != 0 when attrs == NULL
so we won't go into the cifs_set_file_info call when attrs is null.
To make it safer still, I added an "if (attr == NULL)" check in
cifs_set_file_info.
On Wed, Feb 25, 2009 at 3:25 AM, Dan Carpenter <error27 at gmail.com> wrote:
> This is from fs/cifs/inode.c.
>
> attrs is only allocated on line 1011 and then it hits the goto
> retry_std_delete. So on line 1035 it is always NULL and
> cifs_set_file_info() dereferences it without checking.
>
> 1030 goto retry_std_delete;
> 1031 }
> 1032
> 1033 /* undo the setattr if we errored out and it's needed */
> 1034 if (rc != 0 && dosattr != 0)
> 1035 cifs_set_file_info(inode, attrs, xid, full_path, origattr);
> 1036
> 1037 out_reval:
>
> regards,
> dan carpenter
>
>
--
Thanks,
Steve
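
The control flow discussed in this thread, as an added user-space C model (not the kernel's fs/cifs/inode.c code and not posted by either participant): the undo call is reached only when dosattr is nonzero, and the callee also refuses a NULL buffer. The names unlink_model, set_file_info and attrs_buf, the flag values, and the -EINVAL return are assumptions.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

struct attrs_buf { unsigned int dos_attrs; };  /* hypothetical stand-in buffer */
#define ATTR_RO     0x01u                      /* constructed flag values */
#define ATTR_NORMAL 0x80u

static int set_info_calls;                     /* successful attribute writes */

/* Callee with the defensive guard: refuse a NULL buffer instead of
 * dereferencing it. The -EINVAL return value is an assumption. */
static int set_file_info(struct attrs_buf *attrs, unsigned int dosattr)
{
    if (attrs == NULL)
        return -EINVAL;
    attrs->dos_attrs = dosattr;
    set_info_calls++;
    return 0;
}

/* Caller: first_rc / retry_rc are the simulated results of the delete before
 * and after the read-only bit is cleared; alloc_fails simulates OOM. */
static int unlink_model(int first_rc, int retry_rc, int alloc_fails)
{
    struct attrs_buf *attrs = NULL;
    unsigned int dosattr = 0, origattr = ATTR_RO;
    int rc;

retry_delete:
    rc = dosattr ? retry_rc : first_rc;
    if (rc == -EACCES && dosattr == 0) {
        attrs = alloc_fails ? NULL : calloc(1, sizeof(*attrs));
        if (attrs == NULL)
            return -ENOMEM;                    /* dosattr is still 0 here */
        dosattr = (origattr & ~ATTR_RO) | ATTR_NORMAL;
        rc = set_file_info(attrs, dosattr);
        if (rc == 0)
            goto retry_delete;
    }
    /* Undo runs only after dosattr was set, i.e. after attrs was allocated. */
    if (rc != 0 && dosattr != 0)
        set_file_info(attrs, origattr);
    free(attrs);
    return rc;
}

int main(void)
{
    printf("retry fails: rc=%d\n", unlink_model(-EACCES, -EACCES, 0));
    return 0;
}
```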