mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2025-01-20 12:54:36 +08:00
autofs4: Do not potentially dereference NULL pointer returned by fget() in autofs_dev_ioctl_setpipefd()
In fs/autofs4/dev-ioctl.c::autofs_dev_ioctl_setpipefd() we call fget(), which may return NULL, but we do not explicitly test for that NULL return so we may end up dereferencing a NULL pointer - bad. When I originally submitted this patch I had chosen EBUSY as the return value to use if this happens. Ian Kent was kind enough to explain why that would most likely be wrong and why EBADF should most likely be used instead. This version of the patch uses EBADF. Signed-off-by: Jesper Juhl <jj@chaosbits.net> Signed-off-by: Ian Kent <raven@themaw.net> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
parent
e7854723d0
commit
3dc8fe4dca
@ -372,6 +372,10 @@ static int autofs_dev_ioctl_setpipefd(struct file *fp,
|
||||
return -EBUSY;
|
||||
} else {
|
||||
struct file *pipe = fget(pipefd);
|
||||
if (!pipe) {
|
||||
err = -EBADF;
|
||||
goto out;
|
||||
}
|
||||
if (!pipe->f_op || !pipe->f_op->write) {
|
||||
err = -EPIPE;
|
||||
fput(pipe);
|
||||
|
Loading…
Reference in New Issue
Block a user