From bf935a78814cc9b96d09f612912178adc964ce9c Mon Sep 17 00:00:00 2001 From: "J. Bruce Fields" Date: Tue, 20 Jan 2009 19:32:59 -0500 Subject: nfsd: fix null dereference on error path We're forgetting to check the return value from groups_alloc(). Signed-off-by: J. Bruce Fields --- fs/nfsd/auth.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'fs/nfsd/auth.c') diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c index c903e04aa217..b860d3484cd7 100644 --- a/fs/nfsd/auth.c +++ b/fs/nfsd/auth.c @@ -49,6 +49,8 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) new->fsuid = exp->ex_anon_uid; new->fsgid = exp->ex_anon_gid; gi = groups_alloc(0); + if (!gi) + goto oom; } else if (flags & NFSEXP_ROOTSQUASH) { if (!new->fsuid) new->fsuid = exp->ex_anon_uid; -- cgit From b914152a6fbd2cd0441bc293ae8b3f3f1a9407b6 Mon Sep 17 00:00:00 2001 From: "J. Bruce Fields" Date: Tue, 20 Jan 2009 19:34:22 -0500 Subject: nfsd: fix cred leak on every rpc Since override_creds() took its own reference on new, we need to release our own reference. (Note the put_cred on the return value puts the *old* value of current->creds, not the new passed-in value). Signed-off-by: J. Bruce Fields --- fs/nfsd/auth.c | 1 + 1 file changed, 1 insertion(+) (limited to 'fs/nfsd/auth.c') diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c index b860d3484cd7..5573508f707f 100644 --- a/fs/nfsd/auth.c +++ b/fs/nfsd/auth.c @@ -87,6 +87,7 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) new->cap_effective = cap_raise_nfsd_set(new->cap_effective, new->cap_permitted); put_cred(override_creds(new)); + put_cred(new); return 0; oom: -- cgit