From: Michael Halcrow Date: Fri, 16 Mar 2007 21:38:22 +0000 (-0800) Subject: [PATCH] eCryptfs: fix possible NULL ptr deref in ecryptfs_d_release() X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=b228b8e5bf96b740a70871c1a248bb65c267f5f2;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git [PATCH] eCryptfs: fix possible NULL ptr deref in ecryptfs_d_release() ecryptfs_d_release() first dereferences a pointer (via ecryptfs_dentry_to_lower()) and then afterwards checks to see if the pointer it just dereferenced is NULL (via ecryptfs_dentry_to_private()). This patch moves all of the work done on the dereferenced pointer inside a block governed by the condition that the pointer is non-NULL. Signed-off-by: Michael Halcrow Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/fs/ecryptfs/dentry.c b/fs/ecryptfs/dentry.c index 329efcd3d8c9..cb20b964419f 100644 --- a/fs/ecryptfs/dentry.c +++ b/fs/ecryptfs/dentry.c @@ -78,18 +78,13 @@ struct kmem_cache *ecryptfs_dentry_info_cache; */ static void ecryptfs_d_release(struct dentry *dentry) { - struct dentry *lower_dentry; - - lower_dentry = ecryptfs_dentry_to_lower(dentry); - if (ecryptfs_dentry_to_private(dentry)) + if (ecryptfs_dentry_to_private(dentry)) { + if (ecryptfs_dentry_to_lower(dentry)) { + mntput(ecryptfs_dentry_to_lower_mnt(dentry)); + dput(ecryptfs_dentry_to_lower(dentry)); + } kmem_cache_free(ecryptfs_dentry_info_cache, ecryptfs_dentry_to_private(dentry)); - if (lower_dentry) { - struct vfsmount *lower_mnt = - ecryptfs_dentry_to_lower_mnt(dentry); - - mntput(lower_mnt); - dput(lower_dentry); } return; }