NAK: [PATCH][ Xenial] UBUNTU: Fix CVE-2015-1350 regression
Colin Ian King
colin.king at canonical.com
Wed Mar 31 12:51:09 UTC 2021
On 31/03/2021 13:48, Kleber Souza wrote:
> Hey Tim,
>
> Stefan already sent the same fix earlier today and I have applied his
> submission
> as it has been ACK'ed already.
>
>
> On 31.03.21 14:15, Tim Gardner wrote:
>> CVE-2015-1350
>>
>> Commit b3ce51efc535125aa3bea570467ebe7535975467 ('fuse: Propagate
>> dentry down to inode_change_ok()')
>> introduced a regression in fs/fuse/dir.c where fuse_do_setattr() was
>> being
>> called with a pointer to an inode structure instead of a pointer to a
>> dentry structure.
>> How did this even compile ?
> The different pointer type caused only a warning:
>
> CC fs/fuse/dir.o
> /<<PKGBUILDDIR>>/fs/fuse/dir.c: In function ‘fuse_setattr’:
> /<<PKGBUILDDIR>>/fs/fuse/dir.c:1772:24: warning: passing argument 1 of
> ‘fuse_do_setattr’ from incompatible pointer type
> [-Wincompatible-pointer-types]
> ret = fuse_do_setattr(inode, attr, file);
> ^
> /<<PKGBUILDDIR>>/fs/fuse/dir.c:1602:5: note: expected ‘struct dentry *’
> but argument is of type ‘struct inode *’
> int fuse_do_setattr(struct dentry *dentry, struct iattr *attr,
> ^
It's a pity we don't track warning deltas in our builds.
Colin
>
>>
>> Signed-off-by: Tim Gardner <tim.gardner at canonical.com>
>> ---
>> fs/fuse/dir.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
>> index 3456f6861293..6413273e42f7 100644
>> --- a/fs/fuse/dir.c
>> +++ b/fs/fuse/dir.c
>> @@ -1769,7 +1769,7 @@ static int fuse_setattr(struct dentry *entry,
>> struct iattr *attr)
>> if (!attr->ia_valid)
>> return 0;
>> - ret = fuse_do_setattr(inode, attr, file);
>> + ret = fuse_do_setattr(entry, attr, file);
>> if (!ret) {
>> /* Directory mode changed, may need to revalidate access */
>> if (d_is_dir(entry) && (attr->ia_valid & ATTR_MODE))
>>
>
>
More information about the kernel-team
mailing list