Commit 884ea892 authored Nov 22, 2010 by Sage Weil

ceph: avoid possible null deref in readdir after dir llseek



last may be NULL, but we dereference it in the else branch without
checking.  Normally it doesn't trigger because last == NULL when fpos == 2,
but it could happen on a newly opened dir if the user seeks forward.

Reported-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Sage Weil <sage@newdream.net>

parent 3561d43f

fs/ceph/dir.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -114,8 +114,8 @@ static int __dcache_readdir(struct file *filp,
		spin_lock(&dcache_lock);

		/* start at beginning? */
		if (filp->f_pos == 2 \|\| (last &&
		filp->f_pos < ceph_dentry(last)->offset)) {
		if (filp->f_pos == 2 \|\| last == NULL \|\|
		filp->f_pos < ceph_dentry(last)->offset) {
		if (list_empty(&parent->d_subdirs))
		goto out_unlock;
		p = parent->d_subdirs.prev;