From: Ian Kent <raven@themaw.net>
To: Jesper Juhl <jj@chaosbits.net>
Cc: linux-kernel@vger.kernel.org, autofs@linux.kernel.org
Subject: Re: [PATCH] autofs4: Do not potentially dereference NULL pointer returned by fget() in autofs_dev_ioctl_setpipefd()
Date: Tue, 25 Jan 2011 09:55:24 +0800 [thread overview]
Message-ID: <1295920524.2749.4.camel@perseus> (raw)
In-Reply-To: <alpine.LNX.2.00.1101242102040.10252@swampdragon.chaosbits.net>
On Mon, 2011-01-24 at 21:03 +0100, Jesper Juhl wrote:
> On Mon, 24 Jan 2011, Jesper Juhl wrote:
>
> > Hi Ian,
> >
> > On Sat, 18 Dec 2010, Jesper Juhl wrote:
> >
> > > Hi,
> > >
> > > In fs/autofs4/dev-ioctl.c::autofs_dev_ioctl_setpipefd() we call fget(),
> > > which may return NULL, but we do not explicitly test for that NULL return
> > > so we may end up dereferencing a NULL pointer - bad.
> > >
> > > When I originally submitted this patch I had chosen EBUSY as the return
> > > value to use if this happens. Ian Kent was kind enough to explain why that
> > > would most likely be wrong and why EBADF should most likely be used
> > > instead. This version of the patch uses EBADF.
> > >
> > >
> > > Signed-off-by: Jesper Juhl <jj@chaosbits.net>
> > > ---
> > > dev-ioctl.c | 4 ++++
> > > 1 file changed, 4 insertions(+)
> > >
> > > diff --git a/fs/autofs4/dev-ioctl.c b/fs/autofs4/dev-ioctl.c
> > > index eff9a41..a650d7e 100644
> > > --- a/fs/autofs4/dev-ioctl.c
> > > +++ b/fs/autofs4/dev-ioctl.c
> > > @@ -372,6 +372,10 @@ static int autofs_dev_ioctl_setpipefd(struct file *fp,
> > > return -EBUSY;
> > > } else {
> > > struct file *pipe = fget(pipefd);
> > > + if (!pipe) {
> > > + err = -EBADF;
> > > + goto out;
> > > + }
> > > if (!pipe->f_op || !pipe->f_op->write) {
> > > err = -EPIPE;
> > > fput(pipe);
> > >
> >
> > It's been more than a month now since I submitted this updated patch
> > adressing your feedback, but I've not seen any feedback on it.
> > Is it OK? Will you merge it?
> >
> Ok, I need to learn to search my mailbox better. I just saw that you did
> indeed send a reply with an Acked-by: on december 28.
>
> Doesn't change the fact that I still need to find someone to actually
> merge it...
>
Often patches like this get merged whether I ack them or not.
Right now I'm struggling with the 2.6.38-rc changes since the merge of
vfs-scale together with the vfs-automount patches caused some breakage.
I will post it along with any other patches I end up with if it doesn't
get picked up beforehand.
Ian
prev parent reply other threads:[~2011-01-25 1:55 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-18 21:43 [PATCH] autofs4: Do not potentially dereference NULL pointer returned by fget() in autofs_dev_ioctl_setpipefd() Jesper Juhl
2010-12-28 2:36 ` Ian Kent
2011-01-02 12:52 ` Autofs SMBFS no write in files Issa
2011-01-05 16:38 ` Carter, Joel
2011-01-05 18:53 ` Issa
2011-01-24 19:51 ` [PATCH] autofs4: Do not potentially dereference NULL pointer returned by fget() in autofs_dev_ioctl_setpipefd() Jesper Juhl
2011-01-24 20:03 ` Jesper Juhl
2011-01-25 1:55 ` Ian Kent [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1295920524.2749.4.camel@perseus \
--to=raven@themaw.net \
--cc=autofs@linux.kernel.org \
--cc=jj@chaosbits.net \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.