[patch 26/74] cifs: fix error handling in mount-time DFS referral chasing code

From: Greg KH
Date: Thu Aug 13 2009 - 16:10:16 EST

Next message: Jonathan Corbet: "[PATCH 1/2] pm_qos: remove the BKL"
Previous message: Greg KH: "[patch 27/74] thinkpad-acpi: disable broken bay and dock subdrivers"
In reply to: Greg KH: "[patch 27/74] thinkpad-acpi: disable broken bay and dock subdrivers"
Next in thread: Greg KH: "[patch 30/74] tracing: Fix invalid function_graph entry"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2.6.30-stable review patch. If anyone has any objections, please let us know.

------------------

From: Jeff Layton <jlayton@xxxxxxxxxx>

commit 7b91e2661addd8e2419cb45f6a322aa5dab9bcee upstream.

If the referral is malformed or the hostname can't be resolved, then
the current code generates an oops. Fix it to handle these errors
gracefully.

Reported-by: Sandro Mathys <sm@xxxxxxxxxxxxxxxx>
Acked-by: Igor Mammedov <niallain@xxxxxxxxx>
Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx>
Signed-off-by: Steve French <sfrench@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>

---
fs/cifs/cifs_dfs_ref.c | 12 +++++++++---
fs/cifs/connect.c | 13 ++++++++++---
2 files changed, 19 insertions(+), 6 deletions(-)

--- a/fs/cifs/cifs_dfs_ref.c
+++ b/fs/cifs/cifs_dfs_ref.c
@@ -55,7 +55,7 @@ void cifs_dfs_release_automount_timer(vo
* i.e. strips from UNC trailing path that is not part of share
* name and fixup missing '\' in the begining of DFS node refferal
* if neccessary.
- * Returns pointer to share name on success or NULL on error.
+ * Returns pointer to share name on success or ERR_PTR on error.
* Caller is responsible for freeing returned string.
*/
static char *cifs_get_share_name(const char *node_name)
@@ -68,7 +68,7 @@ static char *cifs_get_share_name(const c
UNC = kmalloc(len+2 /*for term null and additional \ if it's missed */,
GFP_KERNEL);
if (!UNC)
- return NULL;
+ return ERR_PTR(-ENOMEM);

/* get share name and server name */
if (node_name[1] != '\\') {
@@ -87,7 +87,7 @@ static char *cifs_get_share_name(const c
cERROR(1, ("%s: no server name end in node name: %s",
__func__, node_name));
kfree(UNC);
- return NULL;
+ return ERR_PTR(-EINVAL);
}

/* find sharename end */
@@ -133,6 +133,12 @@ char *cifs_compose_mount_options(const c
return ERR_PTR(-EINVAL);

*devname = cifs_get_share_name(ref->node_name);
+ if (IS_ERR(*devname)) {
+ rc = PTR_ERR(*devname);
+ *devname = NULL;
+ goto compose_mount_options_err;
+ }
+
rc = dns_resolve_server_name_to_ip(*devname, &srvIP);
if (rc != 0) {
cERROR(1, ("%s: Failed to resolve server part of %s to IP: %d",
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -2563,11 +2563,20 @@ remote_path_check:

if (mount_data != mount_data_global)
kfree(mount_data);
+
mount_data = cifs_compose_mount_options(
cifs_sb->mountdata, full_path + 1,
referrals, &fake_devname);
- kfree(fake_devname);
+
free_dfs_info_array(referrals, num_referrals);
+ kfree(fake_devname);
+ kfree(full_path);
+
+ if (IS_ERR(mount_data)) {
+ rc = PTR_ERR(mount_data);
+ mount_data = NULL;
+ goto mount_fail_check;
+ }

if (tcon)
cifs_put_tcon(tcon);
@@ -2575,8 +2584,6 @@ remote_path_check:
cifs_put_smb_ses(pSesInfo);

cleanup_volume_info(&volume_info);
- FreeXid(xid);
- kfree(full_path);
referral_walks_count++;
goto try_mount_again;
}

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jonathan Corbet: "[PATCH 1/2] pm_qos: remove the BKL"
Previous message: Greg KH: "[patch 27/74] thinkpad-acpi: disable broken bay and dock subdrivers"
In reply to: Greg KH: "[patch 27/74] thinkpad-acpi: disable broken bay and dock subdrivers"
Next in thread: Greg KH: "[patch 30/74] tracing: Fix invalid function_graph entry"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]