| From fc87a40677bbe0937e2ff0642c7e83c9a4813f3d Mon Sep 17 00:00:00 2001 |
| From: Jeff Layton <jlayton@redhat.com> |
| Date: Wed, 18 Aug 2010 13:13:39 -0400 |
| Subject: cifs: fix NULL pointer dereference in cifs_find_smb_ses |
| |
| From: Jeff Layton <jlayton@redhat.com> |
| |
| commit fc87a40677bbe0937e2ff0642c7e83c9a4813f3d upstream. |
| |
| cifs_find_smb_ses assumes that the vol->password field is a valid |
| pointer, but that's only the case if a password was passed in via |
| the options string. It's possible that one won't be if there is |
| no mount helper on the box. |
| |
| Reported-by: diabel <gacek-2004@wp.pl> |
| Signed-off-by: Jeff Layton <jlayton@redhat.com> |
| Signed-off-by: Steve French <sfrench@us.ibm.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> |
| |
| --- |
| fs/cifs/connect.c | 3 ++- |
| 1 file changed, 2 insertions(+), 1 deletion(-) |
| |
| --- a/fs/cifs/connect.c |
| +++ b/fs/cifs/connect.c |
| @@ -1605,7 +1605,8 @@ cifs_find_smb_ses(struct TCP_Server_Info |
| MAX_USERNAME_SIZE)) |
| continue; |
| if (strlen(vol->username) != 0 && |
| - strncmp(ses->password, vol->password, |
| + strncmp(ses->password, |
| + vol->password ? vol->password : "", |
| MAX_PASSWORD_SIZE)) |
| continue; |
| } |
