git.karo-electronics.de Git - karo-tx-linux.git/commit
fs/posix_acl.c: make posix_acl_create() safer and cleaner
author Dan Carpenter <dan.carpenter@oracle.com>
Tue, 7 Apr 2015 23:43:59 +0000 (09:43 +1000)
committer Stephen Rothwell <sfr@canb.auug.org.au>
Tue, 7 Apr 2015 23:43:59 +0000 (09:43 +1000)
commit 2799563b281fa95da0eb8e2d416d76a0f225d32f
tree 4fdb41fe3a47e69cf55efeb0f4f374558d47e71e
parent 9585ef3e224fc324b8c0c74e01966bcf7fde785e
fs/posix_acl.c: make posix_acl_create() safer and cleaner

If posix_acl_create() returns an error code then "*acl" and "*default_acl"
can be uninitialized or point to freed memory.  This is a dangerous thing
to do.  For example, it causes a problem in ocfs2_reflink():

fs/ocfs2/refcounttree.c:4327 ocfs2_reflink()
error: potentially using uninitialized 'default_acl'.

I've re-written this so we set the pointers to NULL at the start.  I've
added a temporary "clone" variable to hold the value of "*acl" until the end.
Setting them to NULL means we don't need the "no_acl" label.  We may
as well remove the "apply_umask" stuff forward and remove that label as
well.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Mark Fasheh <mfasheh@suse.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
fs/posix_acl.c
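
The output-pointer contract described in the commit message, as an added userspace example that is not the kernel's code or part of this commit: `struct acl`, `create_unsafe`, `create_safe` and `stale_after_failure` are hypothetical names, and the negative-mode failure is constructed. It models the "uninitialized" case, where a caller that cleans up unconditionally after an error sees whatever was already in its pointers.

```c
#include <errno.h>
#include <stdlib.h>

struct acl { int mode; };   /* hypothetical stand-in, not struct posix_acl */
typedef int (*create_fn)(int mode, struct acl **acl, struct acl **default_acl);

/* Before: an early error return leaves both output pointers unwritten. */
static int create_unsafe(int mode, struct acl **acl, struct acl **default_acl)
{
    struct acl *p = malloc(sizeof(*p));
    if (!p)
        return -ENOMEM;
    if (mode < 0) {         /* constructed failure condition */
        free(p);
        return -EINVAL;
    }
    p->mode = mode;
    *acl = p;
    *default_acl = NULL;
    return 0;
}

/* After: outputs are NULL from the start; "clone" is published at the end. */
static int create_safe(int mode, struct acl **acl, struct acl **default_acl)
{
    struct acl *clone;
    *acl = NULL;
    *default_acl = NULL;
    clone = malloc(sizeof(*clone));
    if (!clone)
        return -ENOMEM;
    if (mode < 0) {
        free(clone);
        return -EINVAL;
    }
    clone->mode = mode;
    *acl = clone;
    return 0;
}

/* Caller with unconditional cleanup; returns 1 if a failed call left stale pointers. */
static int stale_after_failure(create_fn create)
{
    static struct acl junk; /* models leftover stack contents in the caller */
    struct acl *acl = &junk, *default_acl = &junk;
    int ret = create(-1, &acl, &default_acl);
    return ret < 0 && (acl == &junk || default_acl == &junk);
}

int main(void) { return stale_after_failure(create_safe) || !stale_after_failure(create_unsafe); }
```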