Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/kern Fix a NULL pointer dereference after a loooong disc...
details: https://anonhg.NetBSD.org/src/rev/125e1e22ba9a
branches: trunk
changeset: 330091:125e1e22ba9a
user: maxv <maxv%NetBSD.org@localhost>
date: Sun Jun 22 18:32:27 2014 +0000
description:
Fix a NULL pointer dereference after a loooong discussion with dholland@,
hannken@, blymn@ and martin@.
This bug would panic the system when veriexec is set to the VERIEXEC_LOCKDOWN
mode (only settable from root).
diffstat:
sys/kern/vfs_vnops.c | 25 +++++++++++++++++++++----
1 files changed, 21 insertions(+), 4 deletions(-)
diffs (46 lines):
diff -r e2bf9de29625 -r 125e1e22ba9a sys/kern/vfs_vnops.c
--- a/sys/kern/vfs_vnops.c Sun Jun 22 17:36:42 2014 +0000
+++ b/sys/kern/vfs_vnops.c Sun Jun 22 18:32:27 2014 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: vfs_vnops.c,v 1.189 2014/02/27 16:51:38 hannken Exp $ */
+/* $NetBSD: vfs_vnops.c,v 1.190 2014/06/22 18:32:27 maxv Exp $ */
/*-
* Copyright (c) 2009 The NetBSD Foundation, Inc.
@@ -66,7 +66,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_vnops.c,v 1.189 2014/02/27 16:51:38 hannken Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_vnops.c,v 1.190 2014/06/22 18:32:27 maxv Exp $");
#include "veriexec.h"
@@ -171,8 +171,25 @@
#if NVERIEXEC > 0
error = veriexec_openchk(l, ndp->ni_vp, pathstring, fmode);
- if (error)
- goto bad;
+ if (error) {
+ /* We have to release the locks ourselves */
+ if (fmode & O_CREAT) {
+ if (vp == NULL) {
+ vput(ndp->ni_dvp);
+ } else {
+ VOP_ABORTOP(ndp->ni_dvp, &ndp->ni_cnd);
+ if (ndp->ni_dvp == ndp->ni_vp)
+ vrele(ndp->ni_dvp);
+ else
+ vput(ndp->ni_dvp);
+ ndp->ni_dvp = NULL;
+ vput(vp);
+ }
+ } else {
+ vput(vp);
+ }
+ goto out;
+ }
#endif /* NVERIEXEC > 0 */
if (fmode & O_CREAT) {
Home |
Main Index |
Thread Index |
Old Index