From: J. Bruce Fields Date: Fri, 20 Nov 2015 21:42:40 +0000 (-0500) Subject: nfsd: fix unlikely NULL deref in mach_creds_match X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=920dd9bb7d7cf9ae339e15240326a28a22f08a74;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git nfsd: fix unlikely NULL deref in mach_creds_match We really shouldn't allow a client to be created with cl_mach_cred set unless it also has a principal name. This also allows us to fail such cases immediately on EXCHANGE_ID as opposed to waiting and incorrectly returning WRONG_CRED on the following CREATE_SESSION. Signed-off-by: J. Bruce Fields --- diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c index efa3d4c09dab..ed58ced6fa8b 100644 --- a/fs/nfsd/nfs4state.c +++ b/fs/nfsd/nfs4state.c @@ -2385,6 +2385,15 @@ nfsd4_exchange_id(struct svc_rqst *rqstp, status = nfserr_inval; goto out_nolock; } + /* + * Sometimes userspace doesn't give us a principal. + * Which is a bug, really. Anyway, we can't enforce + * MACH_CRED in that case, better to give up now: + */ + if (!new->cl_cred.cr_principal) { + status = nfserr_serverfault; + goto out_nolock; + } new->cl_mach_cred = true; case SP4_NONE: break;
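Review bot: the new `if (!new->cl_cred.cr_principal)` branch in nfsd4_exchange_id fails the request with `nfserr_serverfault` but leaves no trace on the server, even though the comment attributes the condition to a userspace bug. An administrator whose clients see EXCHANGE_ID with SP4_MACH_CRED fail has nothing pointing at the missing principal. Consider logging once or at a limited rate on this path (for example with `pr_warn_once` or a `dprintk`), and have the comment say which userspace component is expected to supply the principal. The branch leaves through `out_nolock`, the same label as the `nfserr_inval` check above it, so it is worth confirming that this label releases `new`, because the client structure has already been allocated when the check runs.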