[linux-cifs-client] [PATCH] cifs: fix pointer initialization and checks in cifs_follow_symlink

Jeff Layton jlayton at redhat.com
Mon May 18 16:55:04 GMT 2009


This is a respin of the patch posted yesterday. It includes a fix for
a bogus NULL pointer check that Jeff Moyer spotted.

It's possible for CIFSSMBQueryUnixSymLink to return without setting
target_path to a valid pointer. If that happens then the current
value to which we're initializing this pointer could cause an oops
when it's kfree'd.

CIFSSMBQueryUnixSymLink also has an incorrect NULL pointer check.
Thanks to Jeff Moyer for pointing that out.

Reported-by: Jeff Moyer <jmoyer at redhat.com>
Signed-off-by: Jeff Layton <jlayton at redhat.com>
---
 fs/cifs/cifssmb.c |    2 +-
 fs/cifs/link.c    |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 5759ba5..d062602 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -2475,7 +2475,7 @@ querySymLinkRetry:
 			/* BB FIXME investigate remapping reserved chars here */
 			*symlinkinfo = cifs_strndup_from_ucs(data_start, count,
 						    is_unicode, nls_codepage);
-			if (!symlinkinfo)
+			if (!*symlinkinfo)
 				rc = -ENOMEM;
 		}
 	}
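Review bot: the `*symlinkinfo = cifs_strndup_from_ucs(...)` assignment sits inside two nested blocks, so any return path that skips them leaves the caller's pointer unwritten, which is the condition the commit message describes. Consider setting `*symlinkinfo = NULL` at function entry, or stating in the function's comment that the caller must pre-initialize the pointer. That way the contract does not depend on each caller's initializer, as it now does on the one in link.c. The corrected `if (!*symlinkinfo)` test itself looks right, since the old `!symlinkinfo` tested the address of the out-parameter rather than the allocation result.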
diff --git a/fs/cifs/link.c b/fs/cifs/link.c
index ea9d11e..b103164 100644
--- a/fs/cifs/link.c
+++ b/fs/cifs/link.c
@@ -110,7 +110,7 @@ cifs_follow_link(struct dentry *direntry, struct nameidata *nd)
 	int rc = -EACCES;
 	int xid;
 	char *full_path = NULL;
-	char *target_path = ERR_PTR(-ENOMEM);
+	char *target_path = NULL;
 	struct cifs_sb_info *cifs_sb;
 	struct cifsTconInfo *pTcon;
 
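Review bot: with `char *target_path = NULL;` the initializer is now safe to kfree, but NULL is not an error pointer, so any later code in cifs_follow_link that relies on IS_ERR(target_path) to detect failure will now treat the untouched pointer as success. The rest of the function is not visible in this hunk; it is worth confirming that every exit path with a non-zero rc (which starts at `-EACCES`) converts the result to ERR_PTR(rc) before handing it on, rather than passing a NULL link target through. A short comment beside the initializer noting that it must stay kfree-safe would help keep the ERR_PTR value from being reintroduced.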
-- 
1.6.2.2


