diff options
| author | Jeff Layton <jlayton@redhat.com> | 2011-12-01 20:23:34 -0500 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2011-12-21 12:58:30 -0800 |
| commit | 5bf4dba2647ee7eb377cb0f809d7abea461d34ae (patch) | |
| tree | 66b9cbe8d211944382e5c6d48ccca4f480aa9d1d /fs/read_write.h | |
| parent | 42354507ebd4124dbe46e46fe1ba7d9e0af0fe70 (diff) | |
cifs: check for NULL last_entry before calling cifs_save_resume_key
commit 7023676f9ee851d94f0942e879243fc1f9081c47 upstream.
Prior to commit eaf35b1, cifs_save_resume_key had some NULL pointer
checks at the top. It turns out that at least one of those NULL
pointer checks is needed after all.
When the LastNameOffset in a FIND reply appears to be beyond the end of
the buffer, CIFSFindFirst and CIFSFindNext will set srch_inf.last_entry
to NULL. Since eaf35b1, the code will now oops in this situation.
Fix this by having the callers check for a NULL last entry pointer
before calling cifs_save_resume_key. No change is needed for the
call site in cifs_readdir as it's not reachable with a NULL
current_entry pointer.
This should fix:
https://bugzilla.redhat.com/show_bug.cgi?id=750247
Cc: Christoph Hellwig <hch@infradead.org>
Reported-by: Adam G. Metzler <adamgmetzler@gmail.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'fs/read_write.h')
0 files changed, 0 insertions, 0 deletions