• Yao Liu's avatar
    cifs: Fix NULL pointer dereference of devname · d6dd8042
    Yao Liu authored
    [ Upstream commit 68e2672f ]
    
    There is a NULL pointer dereference of devname in strspn()
    
    The oops looks something like:
    
      CIFS: Attempting to mount (null)
      BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
      ...
      RIP: 0010:strspn+0x0/0x50
      ...
      Call Trace:
       ? cifs_parse_mount_options+0x222/0x1710 [cifs]
       ? cifs_get_volume_info+0x2f/0x80 [cifs]
       cifs_setup_volume_info+0x20/0x190 [cifs]
       cifs_get_volume_info+0x50/0x80 [cifs]
       cifs_smb3_do_mount+0x59/0x630 [cifs]
       ? ida_alloc_range+0x34b/0x3d0
       cifs_do_mount+0x11/0x20 [cifs]
       mount_fs+0x52/0x170
       vfs_kern_mount+0x6b/0x170
       do_mount+0x216/0xdc0
       ksys_mount+0x83/0xd0
       __x64_sys_mount+0x25/0x30
       do_syscall_64+0x65/0x220
       entry_SYSCALL_64_after_hwframe+0x49/0xbe
    
    Fix this by adding a NULL check on devname in cifs_parse_devname()
    Signed-off-by: 's avatarYao Liu <yotta.liu@ucloud.cn>
    Signed-off-by: 's avatarSteve French <stfrench@microsoft.com>
    Signed-off-by: 's avatarSasha Levin <sashal@kernel.org>
    d6dd8042
Name
Last commit
Last update
..
Kconfig Loading commit data...
Makefile Loading commit data...
asn1.c Loading commit data...
cache.c Loading commit data...
cifs_debug.c Loading commit data...
cifs_debug.h Loading commit data...
cifs_dfs_ref.c Loading commit data...
cifs_fs_sb.h Loading commit data...
cifs_ioctl.h Loading commit data...
cifs_spnego.c Loading commit data...
cifs_spnego.h Loading commit data...
cifs_unicode.c Loading commit data...
cifs_unicode.h Loading commit data...
cifs_uniupr.h Loading commit data...
cifsacl.c Loading commit data...
cifsacl.h Loading commit data...
cifsencrypt.c Loading commit data...
cifsfs.c Loading commit data...
cifsfs.h Loading commit data...
cifsglob.h Loading commit data...
cifspdu.h Loading commit data...
cifsproto.h Loading commit data...
cifssmb.c Loading commit data...
connect.c Loading commit data...
dfs_cache.c Loading commit data...
dfs_cache.h Loading commit data...
dir.c Loading commit data...
dns_resolve.c Loading commit data...
dns_resolve.h Loading commit data...
export.c Loading commit data...
file.c Loading commit data...
fscache.c Loading commit data...
fscache.h Loading commit data...
inode.c Loading commit data...
ioctl.c Loading commit data...
link.c Loading commit data...
misc.c Loading commit data...
netmisc.c Loading commit data...
nterr.c Loading commit data...
nterr.h Loading commit data...
ntlmssp.h Loading commit data...
readdir.c Loading commit data...
rfc1002pdu.h Loading commit data...
sess.c Loading commit data...
smb1ops.c Loading commit data...
smb2file.c Loading commit data...
smb2glob.h Loading commit data...
smb2inode.c Loading commit data...
smb2maperror.c Loading commit data...
smb2misc.c Loading commit data...
smb2ops.c Loading commit data...
smb2pdu.c Loading commit data...
smb2pdu.h Loading commit data...
smb2proto.h Loading commit data...
smb2status.h Loading commit data...
smb2transport.c Loading commit data...
smbdirect.c Loading commit data...
smbdirect.h Loading commit data...
smbencrypt.c Loading commit data...
smberr.h Loading commit data...
smbfsctl.h Loading commit data...
trace.c Loading commit data...
trace.h Loading commit data...
transport.c Loading commit data...
winucase.c Loading commit data...
xattr.c Loading commit data...