diff options
author | Ronnie Sahlberg <lsahlber@redhat.com> | 2019-06-27 07:57:02 +0300 |
---|---|---|
committer | Steve French <stfrench@microsoft.com> | 2019-06-28 08:34:17 +0300 |
commit | 5de254dca87ab614b9c058246ee94c58a840e358 (patch) | |
tree | 0fe7d81730dca139867437b47e94e5e6d7c8bd17 /scripts/gcc-plugins/structleak_plugin.c | |
parent | 4b972a01a7da614b4796475f933094751a295a2f (diff) | |
download | linux-5de254dca87ab614b9c058246ee94c58a840e358.tar.xz |
cifs: fix crash querying symlinks stored as reparse-points
We never parsed/returned any data from .get_link() when the object is a windows reparse-point
containing a symlink. This results in the VFS layer oopsing accessing an uninitialized buffer:
...
[ 171.407172] Call Trace:
[ 171.408039] readlink_copy+0x29/0x70
[ 171.408872] vfs_readlink+0xc1/0x1f0
[ 171.409709] ? readlink_copy+0x70/0x70
[ 171.410565] ? simple_attr_release+0x30/0x30
[ 171.411446] ? getname_flags+0x105/0x2a0
[ 171.412231] do_readlinkat+0x1b7/0x1e0
[ 171.412938] ? __ia32_compat_sys_newfstat+0x30/0x30
...
Fix this by adding code to handle these buffers and make sure we do return a valid buffer
to .get_link()
CC: Stable <stable@vger.kernel.org>
Signed-off-by: Ronnie Sahlberg <lsahlber@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Diffstat (limited to 'scripts/gcc-plugins/structleak_plugin.c')
0 files changed, 0 insertions, 0 deletions