[PATCH] posix_acl: handle NULL ACL in posix_acl_equiv_mode

[PATCH] posix_acl: handle NULL ACL in posix_acl_equiv_mode

[Christoph Hellwig]

Various filesystems don't bother checking for a NULL ACL in
posix_acl_equiv_mode, and thus can dereference a NULL pointer when it
gets passed one. This usually happens from the NFS server, as the ACL tools
never pass a NULL ACL, but instead of one representing the mode bits.

Instead of adding boilerplat to all filesystems put this check into one place,
which will allow us to remove the check from other filesystems as well later
on.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Reported-by: Ben Greear <greearb@candelatech.com>
Reported-by: Marco Munderloh <munderl@tnt.uni-hannover.de>,
Cc: Chuck Lever <chuck.lever@oracle.com>
Cc: stable@vger.kernel.org
---
 fs/posix_acl.c |    6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index 9e363e4..0855f77 100644
--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -246,6 +246,12 @@ posix_acl_equiv_mode(const struct posix_acl *acl, umode_t *mode_p)
 	umode_t mode = 0;
 	int not_equiv = 0;
 
+	/*
+	 * A null ACL can always be presented as mode bits.
+	 */
+	if (!acl)
+		return 0;
+
 	FOREACH_ACL_ENTRY(pa, acl, pe) {
 		switch (pa->e_tag) {
 			case ACL_USER_OBJ:
-- 
1.7.10.4

Re: [PATCH] posix_acl: handle NULL ACL in posix_acl_equiv_mode

[Matthew Wilcox]

On Sun, May 04, 2014 at 01:03:32PM +0200, Christoph Hellwig wrote:
> Various filesystems don't bother checking for a NULL ACL in
> posix_acl_equiv_mode, and thus can dereference a NULL pointer when it
> gets passed one. This usually happens from the NFS server, as the ACL tools
> never pass a NULL ACL, but instead of one representing the mode bits.
> 
> Instead of adding boilerplat to all filesystems put this check into one place,
> which will allow us to remove the check from other filesystems as well later
> on.
> 
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> Reported-by: Ben Greear <greearb@candelatech.com>
> Reported-by: Marco Munderloh <munderl@tnt.uni-hannover.de>,
> Cc: Chuck Lever <chuck.lever@oracle.com>
> Cc: stable@vger.kernel.org

Reviewed-by: Matthew Wilcox <matthew.r.wilcox@intel.com>

Re: [PATCH] posix_acl: handle NULL ACL in posix_acl_equiv_mode

[Chuck Lever]

On May 4, 2014, at 7:03 AM, Christoph Hellwig <hch@lst.de> wrote:

> Various filesystems don't bother checking for a NULL ACL in
> posix_acl_equiv_mode, and thus can dereference a NULL pointer when it
> gets passed one. This usually happens from the NFS server, as the ACL tools
> never pass a NULL ACL, but instead of one representing the mode bits.
> 
> Instead of adding boilerplat to all filesystems put this check into one place,
> which will allow us to remove the check from other filesystems as well later
> on.
> 
> Signed-off-by: Christoph Hellwig <hch@lst.de>
> Reported-by: Ben Greear <greearb@candelatech.com>
> Reported-by: Marco Munderloh <munderl@tnt.uni-hannover.de>,
> Cc: Chuck Lever <chuck.lever@oracle.com>

Good clean-up.

Reviewed-by: Chuck Lever <chuck.lever@oracle.com>


> Cc: stable@vger.kernel.org
> ---
> fs/posix_acl.c |    6 ++++++
> 1 file changed, 6 insertions(+)
> 
> diff --git a/fs/posix_acl.c b/fs/posix_acl.c
> index 9e363e4..0855f77 100644
> --- a/fs/posix_acl.c
> +++ b/fs/posix_acl.c
> @@ -246,6 +246,12 @@ posix_acl_equiv_mode(const struct posix_acl *acl, umode_t *mode_p)
> 	umode_t mode = 0;
> 	int not_equiv = 0;
> 
> +	/*
> +	 * A null ACL can always be presented as mode bits.
> +	 */
> +	if (!acl)
> +		return 0;
> +
> 	FOREACH_ACL_ENTRY(pa, acl, pe) {
> 		switch (pa->e_tag) {
> 			case ACL_USER_OBJ:
> -- 
> 1.7.10.4
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

--
Chuck Lever
chuck[dot]lever[at]oracle[dot]com