diff options
| author | Jeff Layton <jlayton@redhat.com> | 2011-12-01 20:23:34 -0500 | 
|---|---|---|
| committer | Steve French <smfrench@gmail.com> | 2011-12-08 22:04:47 -0600 | 
| commit | 7023676f9ee851d94f0942e879243fc1f9081c47 (patch) | |
| tree | 6aac4d2bbaae57306fa320beb4282c380171a8e2 /lib/timerqueue.c | |
| parent | 95edcff497b126a3f3e079e94b20fe2ca7e5a63d (diff) | |
cifs: check for NULL last_entry before calling cifs_save_resume_key
Prior to commit eaf35b1, cifs_save_resume_key had some NULL pointer
checks at the top. It turns out that at least one of those NULL
pointer checks is needed after all.
When the LastNameOffset in a FIND reply appears to be beyond the end of
the buffer, CIFSFindFirst and CIFSFindNext will set srch_inf.last_entry
to NULL. Since eaf35b1, the code will now oops in this situation.
Fix this by having the callers check for a NULL last entry pointer
before calling cifs_save_resume_key. No change is needed for the
call site in cifs_readdir as it's not reachable with a NULL
current_entry pointer.
This should fix:
    https://bugzilla.redhat.com/show_bug.cgi?id=750247
Cc: stable@vger.kernel.org
Cc: Christoph Hellwig <hch@infradead.org>
Reported-by: Adam G. Metzler <adamgmetzler@gmail.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Diffstat (limited to 'lib/timerqueue.c')
0 files changed, 0 insertions, 0 deletions
