[PATCH 3.13 017/103] [CIFS] Possible null ptr deref in SMB2_tcon
Kamal Mostafa
kamal at canonical.com
Tue Sep 30 21:30:22 UTC 2014
3.13.11.8 -stable review patch. If anyone has any objections, please let me know.
------------------
From: Steve French <smfrench at gmail.com>
commit 18f39e7be0121317550d03e267e3ebd4dbfbb3ce upstream.
As Raphael Geissert pointed out, tcon_error_exit can dereference tcon
and there is one path in which tcon can be null.
Signed-off-by: Steve French <smfrench at gmail.com>
Reported-by: Raphael Geissert <geissert at debian.org>
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
fs/cifs/smb2pdu.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c
index 63339c5..ec2c0ac 100644
--- a/fs/cifs/smb2pdu.c
+++ b/fs/cifs/smb2pdu.c
@@ -916,7 +916,8 @@ tcon_exit:
tcon_error_exit:
if (rsp->hdr.Status == STATUS_BAD_NETWORK_NAME) {
cifs_dbg(VFS, "BAD_NETWORK_NAME: %s\n", tree);
- tcon->bad_network_name = true;
+ if (tcon)
+ tcon->bad_network_name = true;
}
goto tcon_exit;
}
--
1.9.1
More information about the kernel-team
mailing list