On Thu, 2013-10-10 at 11:15 -0400, J. Bruce Fields wrote:
> From: "J. Bruce Fields" <bfields@xxxxxxxxxx>
>
> We depend on the xdr decoder to set this pointer, but if we error out
> before we decode this piece it could be left NULL.
>
> I think this is probably tough to hit without a buggy gss-proxy.
>
> Reported-by: Andi Kleen <andi@xxxxxxxxxxxxxx>
> Cc: Simo Sorce <simo@xxxxxxxxxx>
> Signed-off-by: J. Bruce Fields <bfields@xxxxxxxxxx>
> ---
> net/sunrpc/auth_gss/gss_rpc_upcall.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/net/sunrpc/auth_gss/gss_rpc_upcall.c b/net/sunrpc/auth_gss/gss_rpc_upcall.c
> index f1eb0d1..458f85e 100644
> --- a/net/sunrpc/auth_gss/gss_rpc_upcall.c
> +++ b/net/sunrpc/auth_gss/gss_rpc_upcall.c
> @@ -298,7 +298,8 @@ int gssp_accept_sec_context_upcall(struct net *net,
> if (res.context_handle) {
> data->out_handle = rctxh.exported_context_token;
> data->mech_oid.len = rctxh.mech.len;
> - memcpy(data->mech_oid.data, rctxh.mech.data,
> + if (rctxh.mech.data)
> + memcpy(data->mech_oid.data, rctxh.mech.data,
> data->mech_oid.len);
> client_name = rctxh.src_name.display_name;
> }
Reviewed-by: Simo Sorce <simo@xxxxxxxxxx>
--
Simo Sorce * Red Hat, Inc * New York
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
