diff options
| author | Sage Weil <sage@newdream.net> | 2010-11-23 01:58:06 -0500 |
|---|---|---|
| committer | Sage Weil <sage@newdream.net> | 2010-12-01 17:15:31 -0500 |
| commit | 884ea892763d4dfba509743f65961c782c0442db (patch) | |
| tree | 92a7f5b67aa06cf32457ccb2b69c28c528a48c15 /fs | |
| parent | 3561d43fd289f590fdae672e5eb831b8d5cf0bf6 (diff) | |
ceph: avoid possible null deref in readdir after dir llseek
last may be NULL, but we dereference it in the else branch without
checking. Normally it doesn't trigger because last == NULL when fpos == 2,
but it could happen on a newly opened dir if the user seeks forward.
Reported-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Sage Weil <sage@newdream.net>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/ceph/dir.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c index 7d447af84ec4..158c700fdca5 100644 --- a/fs/ceph/dir.c +++ b/fs/ceph/dir.c | |||
| @@ -114,8 +114,8 @@ static int __dcache_readdir(struct file *filp, | |||
| 114 | spin_lock(&dcache_lock); | 114 | spin_lock(&dcache_lock); |
| 115 | 115 | ||
| 116 | /* start at beginning? */ | 116 | /* start at beginning? */ |
| 117 | if (filp->f_pos == 2 || (last && | 117 | if (filp->f_pos == 2 || last == NULL || |
| 118 | filp->f_pos < ceph_dentry(last)->offset)) { | 118 | filp->f_pos < ceph_dentry(last)->offset) { |
| 119 | if (list_empty(&parent->d_subdirs)) | 119 | if (list_empty(&parent->d_subdirs)) |
| 120 | goto out_unlock; | 120 | goto out_unlock; |
| 121 | p = parent->d_subdirs.prev; | 121 | p = parent->d_subdirs.prev; |