[Cluster-devel] [PATCH] checking NULL pointer in device_write of dlm-control
David Teigland
teigland at redhat.com
Wed May 28 14:26:38 UTC 2008
On Wed, May 28, 2008 at 02:45:10PM +0900, Masatake YAMATO wrote:
> Hi,
>
> I found a way to let Linux dereference a NULL pointer
> in gfs2-2.6-nmw/fs/dlm/user.c.
>
> If `device_write' method is called via "dlm-control",
> file->private_data is NULL. (See ctl_device_open() in
> user.c.) Through proc->flags is read:
>
> 	if ((kbuf->cmd == DLM_USER_LOCK || kbuf->cmd == DLM_USER_UNLOCK) &&
> 	    test_bit(DLM_PROC_FLAGS_CLOSING, &proc->flags))
> 		return -EINVAL;

Thanks for the patch, I'll push it out shortly.
Dave
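
A user-space model of the check discussed in this thread, added here as an example; it is not the patch from the thread and not code from fs/dlm/user.c. The struct layouts, the constant values, CMD_OTHER, test_bit_model() and the choice to return -EINVAL when proc is NULL are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed stand-ins for the kernel definitions; values are illustrative. */
enum { DLM_USER_LOCK = 1, DLM_USER_UNLOCK = 2, CMD_OTHER = 99 /* hypothetical */ };
#define DLM_PROC_FLAGS_CLOSING 1                       /* bit number, assumed */

struct user_proc { unsigned long flags; };             /* per-open lockspace state */
struct file_model { struct user_proc *private_data; }; /* NULL for "dlm-control" */
struct write_req { int cmd; };                         /* models kbuf */

static int test_bit_model(int nr, const unsigned long *addr)
{
    return (int)((*addr >> nr) & 1UL);
}

/* Pattern from the report: &proc->flags is read with no check on proc. */
int closing_check_unguarded(const struct file_model *file, const struct write_req *kbuf)
{
    const struct user_proc *proc = file->private_data;
    if ((kbuf->cmd == DLM_USER_LOCK || kbuf->cmd == DLM_USER_UNLOCK) &&
        test_bit_model(DLM_PROC_FLAGS_CLOSING, &proc->flags))
        return -EINVAL;
    return 0;
}

/* Guarded form (assumption): lock ops on a file with no proc are rejected
 * before proc is dereferenced. */
int closing_check_guarded(const struct file_model *file, const struct write_req *kbuf)
{
    const struct user_proc *proc = file->private_data;
    int lock_op = kbuf->cmd == DLM_USER_LOCK || kbuf->cmd == DLM_USER_UNLOCK;

    if (lock_op && !proc)
        return -EINVAL;
    if (lock_op && test_bit_model(DLM_PROC_FLAGS_CLOSING, &proc->flags))
        return -EINVAL;
    return 0;
}

int main(void)
{
    struct file_model ctl = { NULL };                  /* constructed input */
    struct write_req lock = { DLM_USER_LOCK };
    printf("lock on control device -> %d\n", closing_check_guarded(&ctl, &lock));
    return 0;
}
```
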