NAK: [PATCH][ Xenial] UBUNTU: Fix CVE-2015-1350 regression
Kleber Souza
kleber.souza at canonical.com
Wed Mar 31 12:48:46 UTC 2021
Hey Tim,
Stefan already sent the same fix earlier today and I have applied his submission
as it has been ACK'ed already.
On 31.03.21 14:15, Tim Gardner wrote:
> CVE-2015-1350
>
> Commit b3ce51efc535125aa3bea570467ebe7535975467 ('fuse: Propagate dentry down to inode_change_ok()')
> introduced a regression in fs/fuse/dir.c where fuse_do_setattr() was being
> called with a pointer to an inode structure instead of a pointer to a dentry structure.
> How did this even compile ?
The different pointer type caused only a warning:
CC fs/fuse/dir.o
/<<PKGBUILDDIR>>/fs/fuse/dir.c: In function ‘fuse_setattr’:
/<<PKGBUILDDIR>>/fs/fuse/dir.c:1772:24: warning: passing argument 1 of ‘fuse_do_setattr’ from incompatible pointer type [-Wincompatible-pointer-types]
ret = fuse_do_setattr(inode, attr, file);
^
/<<PKGBUILDDIR>>/fs/fuse/dir.c:1602:5: note: expected ‘struct dentry *’ but argument is of type ‘struct inode *’
int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
^
>
> Signed-off-by: Tim Gardner <tim.gardner at canonical.com>
> ---
> fs/fuse/dir.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
> index 3456f6861293..6413273e42f7 100644
> --- a/fs/fuse/dir.c
> +++ b/fs/fuse/dir.c
> @@ -1769,7 +1769,7 @@ static int fuse_setattr(struct dentry *entry, struct iattr *attr)
> if (!attr->ia_valid)
> return 0;
>
> - ret = fuse_do_setattr(inode, attr, file);
> + ret = fuse_do_setattr(entry, attr, file);
> if (!ret) {
> /* Directory mode changed, may need to revalidate access */
> if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
>
More information about the kernel-team
mailing list