linux-hardened/fs/configfs
David Howells 112fc894a7 configfs: Fix potential NULL d_inode dereference
Code that does this:

		if (!(d_unhashed(dentry) && dentry->d_inode)) {
			...
			simple_unlink(parent->d_inode, dentry);
		}

is broken because:

    !(d_unhashed(dentry) && dentry->d_inode)

is equivalent to:

    !d_unhashed(dentry) || !dentry->d_inode

so it is possible to get into simple_unlink() with dentry->d_inode == NULL.

simple_unlink(), however, assumes dentry->d_inode cannot be NULL.

I think that what was meant is this:

    !d_unhashed(dentry) && dentry->d_inode

and that the logical-not operator or the final close-bracket was misplaced.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2015-02-20 04:56:43 -05:00
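
The commit message's argument, run over all four combinations of d_unhashed() and d_inode in a userspace C model. This is an added example, not kernel code or part of the commit; the struct layouts and the names old_cond, new_cond and null_inode_states are hypothetical stand-ins.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Userspace stand-ins (assumption: only the two inspected properties). */
struct inode { int unused; };
struct dentry {
	bool unhashed;         /* what d_unhashed() would report */
	struct inode *d_inode; /* NULL for a negative dentry */
};

static bool d_unhashed(const struct dentry *d) { return d->unhashed; }

/* Condition the commit message quotes as broken. */
static bool old_cond(const struct dentry *d)
{
	return !(d_unhashed(d) && d->d_inode);
}

/* Condition the commit message says was meant. */
static bool new_cond(const struct dentry *d)
{
	return !d_unhashed(d) && d->d_inode;
}

/* Count the dentry states that pass `cond` with d_inode == NULL, i.e. the
 * states that would reach simple_unlink() and dereference NULL there. */
static int null_inode_states(bool (*cond)(const struct dentry *))
{
	static struct inode ino;
	int hits = 0;

	for (int s = 0; s < 4; s++) {
		struct dentry d = { s & 1, (s & 2) ? &ino : NULL };
		bool enter = cond(&d);

		printf("unhashed=%d d_inode=%-4s -> %s\n", d.unhashed,
		       d.d_inode ? "set" : "NULL", enter ? "unlink" : "skip");
		if (enter && !d.d_inode)
			hits++;
	}
	return hits;
}

int main(void)
{
	printf("old: %d unsafe states\n", null_inode_states(old_cond));
	printf("new: %d unsafe states\n", null_inode_states(new_cond));
	return 0;
}
```
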
configfs_internal.h configfs_add_file: fold into its sole caller 2015-02-17 22:16:46 -05:00
dir.c configfs: fold create_dir() into its only caller 2015-02-17 22:16:35 -05:00
file.c configfs_add_file: fold into its sole caller 2015-02-17 22:16:46 -05:00
inode.c configfs: Fix potential NULL d_inode dereference 2015-02-20 04:56:43 -05:00
item.c fs/configs/item.c: kernel-doc fixes + clean-up 2014-06-04 16:53:53 -07:00
Kconfig configfs: change depends -> select SYSFS 2011-01-16 21:22:29 +00:00
Makefile [PATCH] configfs: User-driven configuration filesystem 2006-01-03 11:45:28 -08:00
mount.c fs: introduce f_op->mmap_capabilities for nommu mmap support 2015-01-20 14:02:58 -07:00
symlink.c configfs: kill configfs_sb 2012-03-20 21:29:47 -04:00