rpc: fix NULL dereference on kmalloc failure - linux - Various Linux trees of dubious usefulness

diff options

author	J. Bruce Fields <bfields@redhat.com>	2021-03-02 10:48:38 -0500
committer	Chuck Lever <chuck.lever@oracle.com>	2021-03-06 16:41:49 -0500
commit	0ddc942394013f08992fc379ca04cffacbbe3dae (patch)
tree	b0d9f2e91622080cda5fb9ca7bf30c11fb83aefd /fs/nfsd
parent	f1442d6349a2e7bb7a6134791bdc26cb776c79af (diff)
download	linux-0ddc942394013f08992fc379ca04cffacbbe3dae.tar.gz

rpc: fix NULL dereference on kmalloc failure

I think this is unlikely but possible:

svc_authenticate sets rq_authop and calls svcauth_gss_accept.  The
kmalloc(sizeof(*svcdata), GFP_KERNEL) fails, leaving rq_auth_data NULL,
and returning SVC_DENIED.

This causes svc_process_common to go to err_bad_auth, and eventually
call svc_authorise.  That calls ->release == svcauth_gss_release, which
tries to dereference rq_auth_data.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Link: https://lore.kernel.org/linux-nfs/3F1B347F-B809-478F-A1E9-0BE98E22B0F0@oracle.com/T/#t
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

Diffstat (limited to 'fs/nfsd')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: