| Message ID | 20181108161136.18376-1-smayhew@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | nfsd: COPY and CLONE operations require the saved filehandle to be set | expand |
Applying for 4.20 and stable, thanks! --b. On Thu, Nov 08, 2018 at 11:11:36AM -0500, Scott Mayhew wrote: > Make sure we have a saved filehandle, otherwise we'll oops with a null > pointer dereference in nfs4_preprocess_stateid_op(). > > Signed-off-by: Scott Mayhew <smayhew@redhat.com> > --- > fs/nfsd/nfs4proc.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c > index edff074d38c7..d505990dac7c 100644 > --- a/fs/nfsd/nfs4proc.c > +++ b/fs/nfsd/nfs4proc.c > @@ -1038,6 +1038,9 @@ nfsd4_verify_copy(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, > { > __be32 status; > > + if (!cstate->save_fh.fh_dentry) > + return nfserr_nofilehandle; > + > status = nfs4_preprocess_stateid_op(rqstp, cstate, &cstate->save_fh, > src_stateid, RD_STATE, src, NULL); > if (status) { > -- > 2.17.1
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c index edff074d38c7..d505990dac7c 100644 --- a/fs/nfsd/nfs4proc.c +++ b/fs/nfsd/nfs4proc.c @@ -1038,6 +1038,9 @@ nfsd4_verify_copy(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate, { __be32 status; + if (!cstate->save_fh.fh_dentry) + return nfserr_nofilehandle; + status = nfs4_preprocess_stateid_op(rqstp, cstate, &cstate->save_fh, src_stateid, RD_STATE, src, NULL); if (status) {
Make sure we have a saved filehandle, otherwise we'll oops with a null pointer dereference in nfs4_preprocess_stateid_op(). Signed-off-by: Scott Mayhew <smayhew@redhat.com> --- fs/nfsd/nfs4proc.c | 3 +++ 1 file changed, 3 insertions(+)