[PATCH] skip data conversion in compat_sys_mount when data_page is NULL

OpenVZ Linux kernel team has found a problem with mounting in compat mode. Simple command "mount -t smbfs ..." on Fedora Core 5 distro in 32-bit mode leads to oops: Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP: compat_sys_mount+0xd6/0x290 Process mount (pid: 14656, veid=300, threadinfo ffff810034d30000, task ffff810034c86bc0) Call Trace: ia32_sysret+0x0/0xa The problem is that data_page pointer can be NULL, so we should skip data conversion in this case. Signed-off-by: Andrey Mirkin <amirkin@openvz.org> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
author: Andrey Mirkin <amirkin@openvz.org> 2006-12-06 23:31:35 -0500
committer: Linus Torvalds <torvalds@woody.osdl.org> 2006-12-07 11:39:20 -0500
commit: 822191a2fa1584a29c3224ab328507adcaeac1ab (patch)
tree: 833b6e7d88fc49bf430826db26f75b4877593a15
parent: a1e85378ba50694cf8f27b190c7e16d7c8dad276 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/compat.c b/fs/compat.c
index 06dad665b88f..7aef5412f49c 100644
--- a/fs/compat.c
+++ b/fs/compat.c
@@ -871,7 +871,7 @@ asmlinkage long compat_sys_mount(char __user * dev_name, char __user * dir_name,
        retval = -EINVAL;
-        if (type_page) {
+        if (type_page && data_page) {
                if (!strcmp((char *)type_page, SMBFS_NAME)) {
                        do_smb_super_data_conv((void *)data_page);
                } else if (!strcmp((char *)type_page, NCPFS_NAME)) {
author	Andrey Mirkin <amirkin@openvz.org>	2006-12-06 23:31:35 -0500
committer	Linus Torvalds <torvalds@woody.osdl.org>	2006-12-07 11:39:20 -0500
commit	822191a2fa1584a29c3224ab328507adcaeac1ab (patch)
tree	833b6e7d88fc49bf430826db26f75b4877593a15
parent	a1e85378ba50694cf8f27b190c7e16d7c8dad276 (diff)

diff --git a/fs/compat.c b/fs/compat.c index 06dad665b88f..7aef5412f49c 100644 --- a/fs/compat.c +++ b/fs/compat.c
@@ -871,7 +871,7 @@ asmlinkage long compat_sys_mount(char __user * dev_name, char __user * dir_name,
871		871
872	retval = -EINVAL;	872	retval = -EINVAL;
873		873
874	if (type_page) {	874	if (type_page && data_page) {
875	if (!strcmp((char *)type_page, SMBFS_NAME)) {	875	if (!strcmp((char *)type_page, SMBFS_NAME)) {
876	do_smb_super_data_conv((void *)data_page);	876	do_smb_super_data_conv((void *)data_page);
877	} else if (!strcmp((char *)type_page, NCPFS_NAME)) {	877	} else if (!strcmp((char *)type_page, NCPFS_NAME)) {