ecryptfs: initialize private persistent file before dereferencing pointer
Ecryptfs_open dereferences a pointer to the private lower file (the one stored in the ecryptfs inode), without checking if the pointer is NULL. Right afterward, it initializes that pointer if it is NULL. Swap order of statements to first initialize. Bug discovered by Duckjin Kang. Signed-off-by: Duckjin Kang <fromdj2k@gmail.com> Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu> Cc: Dustin Kirkland <kirkland@canonical.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: <stable@kernel.org> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
This commit is contained in:
parent
38e3eaeedc
commit
e27759d7a3
@ -191,13 +191,6 @@ static int ecryptfs_open(struct inode *inode, struct file *file)
|
||||
| ECRYPTFS_ENCRYPTED);
|
||||
}
|
||||
mutex_unlock(&crypt_stat->cs_mutex);
|
||||
if ((ecryptfs_inode_to_private(inode)->lower_file->f_flags & O_RDONLY)
|
||||
&& !(file->f_flags & O_RDONLY)) {
|
||||
rc = -EPERM;
|
||||
printk(KERN_WARNING "%s: Lower persistent file is RO; eCryptfs "
|
||||
"file must hence be opened RO\n", __func__);
|
||||
goto out;
|
||||
}
|
||||
if (!ecryptfs_inode_to_private(inode)->lower_file) {
|
||||
rc = ecryptfs_init_persistent_file(ecryptfs_dentry);
|
||||
if (rc) {
|
||||
@ -208,6 +201,13 @@ static int ecryptfs_open(struct inode *inode, struct file *file)
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
if ((ecryptfs_inode_to_private(inode)->lower_file->f_flags & O_RDONLY)
|
||||
&& !(file->f_flags & O_RDONLY)) {
|
||||
rc = -EPERM;
|
||||
printk(KERN_WARNING "%s: Lower persistent file is RO; eCryptfs "
|
||||
"file must hence be opened RO\n", __func__);
|
||||
goto out;
|
||||
}
|
||||
ecryptfs_set_file_lower(
|
||||
file, ecryptfs_inode_to_private(inode)->lower_file);
|
||||
if (S_ISDIR(ecryptfs_dentry->d_inode->i_mode)) {
|
||||
|
Loading…
Reference in New Issue
Block a user