* [PATCH] [fs/9p] Fix NULL point deref in v9fs_dir_release
From: Venkateswararao Jujjuri (JV) @ 2010-08-17 17:19 UTC
To: v9fs-developer; +Cc: linux-fsdevel, Venkateswararao Jujjuri (JV)
There are situations in VFS where we end up calling v9fs_dir_release() before
we even instantiate the filp. Hence the check.
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
---
fs/9p/vfs_dir.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/fs/9p/vfs_dir.c b/fs/9p/vfs_dir.c
index 16c8a2a..9be9b35 100644
--- a/fs/9p/vfs_dir.c
+++ b/fs/9p/vfs_dir.c
@@ -290,6 +290,8 @@ int v9fs_dir_release(struct inode *inode, struct file *filp)
{
struct p9_fid *fid;
+ if (!filp)
+ return 0;
fid = filp->private_data;
P9_DPRINTK(P9_DEBUG_VFS,
"inode: %p filp: %p fid: %d\n", inode, filp, fid->fid);
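Review bot: the added `if (!filp)` test does not cover the dereference that follows it in this hunk. `fid = filp->private_data;` is followed directly by `fid->fid` inside P9_DPRINTK with no check on fid, so a release that runs on a file whose private_data was never set still faults there. Consider testing fid after the assignment (returning 0 when it is NULL) in addition to, or instead of, the filp test. The commit message should also name the call chain that reaches release this early, so the check can be judged against the actual failing path.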
--
1.6.5.2
* Re: [PATCH] [fs/9p] Fix NULL point deref in v9fs_dir_release
From: Christoph Hellwig @ 2010-08-17 17:13 UTC
To: Venkateswararao Jujjuri (JV); +Cc: v9fs-developer, linux-fsdevel
On Tue, Aug 17, 2010 at 10:19:01AM -0700, Venkateswararao Jujjuri (JV) wrote:
> There are situations in VFS where we end up calling v9fs_dir_release() before
> we even instantiate the filp. Hence the check.
Err, what callchain would that be? This really should not happen.
* Re: [PATCH] [fs/9p] Fix NULL point deref in v9fs_dir_release
From: Venkateswararao Jujjuri (JV) @ 2010-08-17 18:37 UTC
To: Christoph Hellwig; +Cc: v9fs-developer, linux-fsdevel
Christoph Hellwig wrote:
> On Tue, Aug 17, 2010 at 10:19:01AM -0700, Venkateswararao Jujjuri (JV) wrote:
>> There are situations in VFS where we end up calling v9fs_dir_release() before
>> we even instantiate the filp. Hence the check.
>
> Err, what callchain would that be? This really should not happen.
>
Call Trace:
[<ffffffff81209cb1>] v9fs_dir_release+0x29/0x2f
[<ffffffff81105985>] fput+0x13a/0x1ec
[<ffffffff81207e97>] ? v9fs_open_created+0x0/0xd
[<ffffffff811031bd>] __dentry_open+0x1d3/0x29e
[<ffffffff811033d3>] lookup_instantiate_filp+0x6b/0x8c
[<ffffffff81208fc6>] v9fs_vfs_create_dotl+0x1a7/0x20d
[<ffffffff8110e30a>] vfs_create+0x70/0x92
[<ffffffff8110eddc>] do_last+0x2e0/0x605
[<ffffffff8110f553>] do_filp_open+0x1f8/0x5f8
[<ffffffff811019e7>] ? mem_cgroup_charge_common+0x6a/0x7a
[<ffffffff8125e933>] ? might_fault+0x21/0x23
[<ffffffff8125ea32>] ? __strncpy_from_user+0x1e/0x49
[<ffffffff81118ec2>] ? alloc_fd+0x7b/0x124
[<ffffffff81102ef2>] do_sys_open+0x63/0x10f
[<ffffffff81102fd1>] sys_open+0x20/0x22
[<ffffffff81009c32>] system_call_fastpath+0x16/0x1b