From: Aurelien Aptel
To: linux-cifs@vger.kernel.org
Cc: lsahlber@redhat.com, smfrench@gmail.com, Aurelien Aptel
Subject: [PATCH RFC 2/2] CIFS: Fix NULL ptr deref
Date: Mon, 4 Jun 2018 22:29:35 +0200
Message-Id: <20180604202935.4872-3-aaptel@suse.com>
In-Reply-To: <20180604202935.4872-1-aaptel@suse.com>
References: <20180604202935.4872-1-aaptel@suse.com>

cifs->master_tlink is NULL against Win Server 2016 (which is strange.. not sure why) and is dereferenced in cifs_sb_master_tcon().

move master_tlink getter to cifsglob.h so it can be used from smb2misc.c

Signed-off-by: Aurelien Aptel Reviewed-by: Ronnie Sahlberg --- fs/cifs/cifsglob.h | 6 ++++++ fs/cifs/connect.c | 6 ------ fs/cifs/smb2misc.c | 4 +++- 3 files changed, 9 insertions(+), 7 deletions(-) diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h index 08d1cdd96701..1efa2e65bc1a 100644 --- a/fs/cifs/cifsglob.h +++ b/fs/cifs/cifsglob.h @@ -1019,6 +1019,12 @@ tlink_tcon(struct tcon_link *tlink) return tlink->tl_tcon; } +static inline struct tcon_link * +cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb) +{ + return cifs_sb->master_tlink; +} + extern void cifs_put_tlink(struct tcon_link *tlink); static inline struct tcon_link * diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index e5a2fe7f0dd4..9089b73809de 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -3116,12 +3116,6 @@ cifs_put_tlink(struct tcon_link *tlink) return; } -static inline struct tcon_link * -cifs_sb_master_tlink(struct cifs_sb_info *cifs_sb) -{ - return cifs_sb->master_tlink; -} - static int compare_mount_options(struct super_block *sb, struct cifs_mnt_data *mnt_data) { diff --git a/fs/cifs/smb2misc.c b/fs/cifs/smb2misc.c index cb5728e3d87d..e2bec47c6845 100644 --- a/fs/cifs/smb2misc.c +++ b/fs/cifs/smb2misc.c @@ -453,8 +453,10 @@ cifs_convert_path_to_utf16(const char *from, struct cifs_sb_info *cifs_sb) start_of_path = from + 1; #ifdef CONFIG_CIFS_SMB311 /* SMB311 POSIX extensions paths do not include leading slash */ - else if (cifs_sb_master_tcon(cifs_sb)->posix_extensions) + else if (cifs_sb_master_tlink(cifs_sb) && + cifs_sb_master_tcon(cifs_sb)->posix_extensions) { start_of_path = from + 1; + } #endif /* 311 */ else start_of_path = from;
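
Review bot: In the fs/cifs/cifsglob.h hunk, cifs_sb_master_tlink() becomes visible to every file that includes the header but has no comment saying its result can be NULL, which is the very case this patch handles. The context line above it shows tlink_tcon() doing "return tlink->tl_tcon;" unconditionally, so a short comment on the moved helper stating that callers must check the result before handing it to tlink_tcon() would keep new users from repeating the dereference.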
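
Review bot: In the fs/cifs/smb2misc.c hunk, the added "cifs_sb_master_tlink(cifs_sb) &&" test protects only this one call site, while the commit message places the dereference inside cifs_sb_master_tcon() itself, so any other caller of that helper is still exposed to a NULL master_tlink. Consider handling the NULL case in cifs_sb_master_tcon() (or in a NULL-tolerant variant of it) instead of at the caller. The test also covers only master_tlink: the value returned by cifs_sb_master_tcon() is still dereferenced for ->posix_extensions without a check. When the tlink is NULL the code now falls through silently to "start_of_path = from;", and since the commit message says the cause is not understood, a comment here saying that the path with the leading slash is the intended fallback would help the next reader. Style: the new braces wrap a single statement while the other branches of the same if/else chain stay unbraced; either drop them or brace every branch.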