[PATCH] cifs: don't dereference potentially NULL variable in match_session()
Jesper Juhl
jj at chaosbits.net
Thu Mar 1 13:45:13 MST 2012
This bit of code:
...
if (strncmp(ses->user_name,
vol->username ? vol->username : "",
MAX_USERNAME_SIZE))
return 0;
...
implies that 'vol->username' may be NULL.
If it is NULL, then the 'strlen(vol->username)' that follows will
dereference a NULL pointer.
This patch should take care of that issue.
Signed-off-by: Jesper Juhl <jj at chaosbits.net>
---
fs/cifs/connect.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
Compile tested only.
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 602f77c..2f3cf02 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -2014,8 +2014,9 @@ static int match_session(struct cifs_ses *ses, struct smb_vol *vol)
vol->username ? vol->username : "",
MAX_USERNAME_SIZE))
return 0;
- if (strlen(vol->username) != 0 &&
- ses->password != NULL &&
+ if (vol->username &&
+ strlen(vol->username) != 0 &&
+ ses->password &&
strncmp(ses->password,
vol->password ? vol->password : "",
MAX_PASSWORD_SIZE))
--
1.7.9.2
--
Jesper Juhl <jj at chaosbits.net> http://www.chaosbits.net/
Don't top-post http://www.catb.org/jargon/html/T/top-post.html
Plain text mails only, please.
More information about the samba-technical
mailing list