[PATCH 1/1] Kobject: bail early if no new_parent in kobject_move()

From: Phil Carmody
Date: Thu Oct 01 2009 - 10:47:46 EST

Next message: Andrew Morton: "Re: [PATCH 19/19] workqueue: implement concurrency managedworkqueue"
Previous message: Borislav Petkov: "Re: x86: mce: Please revert22223c9b417be5fd0ab2cf9ad17eb7bd1e19f7b9"
Next in thread: Greg KH: "Re: [PATCH 1/1] Kobject: bail early if no new_parent inkobject_move()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Phil Carmody <ext-phil.2.carmody@xxxxxxxxx>

In the absense of kobj->kset, new_parent would remain NULL.
NULL-dereference shenanighans then ensues in the subsequent
sysfs_move_dir(..., new_parent) call. Bail early instead.

Signed-off-by: Phil Carmody <ext-phil.2.carmody@xxxxxxxxx>
---
lib/kobject.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/lib/kobject.c b/lib/kobject.c
index b512b74..3574f94 100644
--- a/lib/kobject.c
+++ b/lib/kobject.c
@@ -471,8 +471,12 @@ int kobject_move(struct kobject *kobj, struct kobject *new_parent)
return -EINVAL;
new_parent = kobject_get(new_parent);
if (!new_parent) {
- if (kobj->kset)
+ if (kobj->kset) {
new_parent = kobject_get(&kobj->kset->kobj);
+ } else {
+ error = -EINVAL;
+ goto out;
+ }
}
/* old object path */
devpath = kobject_get_path(kobj, GFP_KERNEL);
--
1.5.4.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [PATCH 19/19] workqueue: implement concurrency managedworkqueue"
Previous message: Borislav Petkov: "Re: x86: mce: Please revert22223c9b417be5fd0ab2cf9ad17eb7bd1e19f7b9"
Next in thread: Greg KH: "Re: [PATCH 1/1] Kobject: bail early if no new_parent inkobject_move()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]