This bit of code: ... if (strncmp(ses->user_name, vol->username ? vol->username : "", MAX_USERNAME_SIZE)) return 0; ... implies that 'vol->username' may be NULL. If it is NULL, then the 'strlen(vol->username)' that follows will dereference a NULL pointer. This patch should take care of that issue. Signed-off-by: Jesper Juhl <jj@xxxxxxxxxxxxx> --- fs/cifs/connect.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) Compile tested only. diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 602f77c..2f3cf02 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -2014,8 +2014,9 @@ static int match_session(struct cifs_ses *ses, struct smb_vol *vol) vol->username ? vol->username : "", MAX_USERNAME_SIZE)) return 0; - if (strlen(vol->username) != 0 && - ses->password != NULL && + if (vol->username && + strlen(vol->username) != 0 && + ses->password && strncmp(ses->password, vol->password ? vol->password : "", MAX_PASSWORD_SIZE)) -- 1.7.9.2 -- Jesper Juhl <jj@xxxxxxxxxxxxx> http://www.chaosbits.net/ Don't top-post http://www.catb.org/jargon/html/T/top-post.html Plain text mails only, please.
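Review bot: The rewrite of `ses->password != NULL` to `ses->password` in the match_session() hunk is a style change unrelated to the NULL dereference, and it makes a three-line fix touch a line it does not need to. Consider leaving that line as it was, so the patch only adds the `vol->username &&` guard, or mention the cleanup in the changelog. The changelog could also say that a NULL `vol->username` now skips the password comparison in the same way an empty username already did, which is consistent with the preceding strncmp() treating NULL as "". Since the patch is marked compile tested only, a mount without a username would be the case to exercise before this is applied.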