nfsd4: fix bare destroy_session null dereference
It's legal to send a DESTROY_SESSION outside any session (as the only operation in a compound), in which case cstate->session will be NULL; check for that case. While we're at it, move these checks into a separate helper function. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
This commit is contained in:
parent
5306293c9c
commit
5d4cec2f2f
@ -1352,6 +1352,13 @@ static bool nfsd4_last_compound_op(struct svc_rqst *rqstp)
|
||||
return argp->opcnt == resp->opcnt;
|
||||
}
|
||||
|
||||
static bool nfsd4_compound_in_session(struct nfsd4_session *session, struct nfs4_sessionid *sid)
|
||||
{
|
||||
if (!session)
|
||||
return 0;
|
||||
return !memcmp(sid, &session->se_sessionid, sizeof(*sid));
|
||||
}
|
||||
|
||||
__be32
|
||||
nfsd4_destroy_session(struct svc_rqst *r,
|
||||
struct nfsd4_compound_state *cstate,
|
||||
@ -1367,8 +1374,7 @@ nfsd4_destroy_session(struct svc_rqst *r,
|
||||
* - Do we need to clear any callback info from previous session?
|
||||
*/
|
||||
|
||||
if (!memcmp(&sessionid->sessionid, &cstate->session->se_sessionid,
|
||||
sizeof(struct nfs4_sessionid))) {
|
||||
if (nfsd4_compound_in_session(cstate->session, &sessionid->sessionid)) {
|
||||
if (!nfsd4_last_compound_op(r))
|
||||
return nfserr_not_only_op;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user