summaryrefslogtreecommitdiffstats
path: root/fs/cifs/dir.c
diff options
context:
space:
mode:
authorSachin Prabhu <sprabhu@redhat.com>2012-11-05 12:39:32 +0100
committerJeff Layton <jlayton@redhat.com>2012-11-05 12:45:54 +0100
commit3798f47aa276b332c30da499cb4df4577e2f8872 (patch)
treeedec5d4cdab0891ac1b40b64e6265faf680641ea /fs/cifs/dir.c
parentcifs: fix potential buffer overrun in cifs.idmap handling code (diff)
downloadlinux-3798f47aa276b332c30da499cb4df4577e2f8872.tar.xz
linux-3798f47aa276b332c30da499cb4df4577e2f8872.zip
cifs: Do not lookup hashed negative dentry in cifs_atomic_open
We do not need to lookup a hashed negative directory since we have already revalidated it before and have found it to be fine. This also prevents a crash in cifs_lookup() when it attempts to rehash the already hashed negative lookup dentry. The patch has been tested using the reproducer at https://bugzilla.redhat.com/show_bug.cgi?id=867344#c28 Cc: <stable@kernel.org> # 3.6.x Reported-by: Vit Zahradka <vit.zahradka@tiscali.cz> Signed-off-by: Sachin Prabhu <sprabhu@redhat.com>
Diffstat (limited to 'fs/cifs/dir.c')
-rw-r--r--fs/cifs/dir.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c
index 7c0a81283645..d3671f2acb29 100644
--- a/fs/cifs/dir.c
+++ b/fs/cifs/dir.c
@@ -398,7 +398,16 @@ cifs_atomic_open(struct inode *inode, struct dentry *direntry,
* in network traffic in the other paths.
*/
if (!(oflags & O_CREAT)) {
- struct dentry *res = cifs_lookup(inode, direntry, 0);
+ struct dentry *res;
+
+ /*
+ * Check for hashed negative dentry. We have already revalidated
+ * the dentry and it is fine. No need to perform another lookup.
+ */
+ if (!d_unhashed(direntry))
+ return -ENOENT;
+
+ res = cifs_lookup(inode, direntry, 0);
if (IS_ERR(res))
return PTR_ERR(res);