summaryrefslogtreecommitdiffstats
path: root/fs/nfsd/nfs4state.c
diff options
context:
space:
mode:
authorJ. Bruce Fields <bfields@redhat.com>2015-11-20 22:42:40 +0100
committerJ. Bruce Fields <bfields@redhat.com>2015-11-24 18:39:18 +0100
commit920dd9bb7d7cf9ae339e15240326a28a22f08a74 (patch)
tree09637a832f3c4d4d1291ab990e162e903811b4f7 /fs/nfsd/nfs4state.c
parentnfsd: minor consolidation of mach_cred handling code (diff)
downloadlinux-920dd9bb7d7cf9ae339e15240326a28a22f08a74.tar.xz
linux-920dd9bb7d7cf9ae339e15240326a28a22f08a74.zip
nfsd: fix unlikely NULL deref in mach_creds_match
We really shouldn't allow a client to be created with cl_mach_cred set unless it also has a principal name. This also allows us to fail such cases immediately on EXCHANGE_ID as opposed to waiting and incorrectly returning WRONG_CRED on the following CREATE_SESSION. Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Diffstat (limited to 'fs/nfsd/nfs4state.c')
-rw-r--r--fs/nfsd/nfs4state.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
index efa3d4c09dab..ed58ced6fa8b 100644
--- a/fs/nfsd/nfs4state.c
+++ b/fs/nfsd/nfs4state.c
@@ -2385,6 +2385,15 @@ nfsd4_exchange_id(struct svc_rqst *rqstp,
status = nfserr_inval;
goto out_nolock;
}
+ /*
+ * Sometimes userspace doesn't give us a principal.
+ * Which is a bug, really. Anyway, we can't enforce
+ * MACH_CRED in that case, better to give up now:
+ */
+ if (!new->cl_cred.cr_principal) {
+ status = nfserr_serverfault;
+ goto out_nolock;
+ }
new->cl_mach_cred = true;
case SP4_NONE:
break;