mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-21 10:01:00 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/sunrpc
History
J. Bruce Fields 5fb71b231c rpc: fix NULL dereference on kmalloc failure 
[ Upstream commit 0ddc942394 ]

I think this is unlikely but possible:

svc_authenticate sets rq_authop and calls svcauth_gss_accept.  The
kmalloc(sizeof(*svcdata), GFP_KERNEL) fails, leaving rq_auth_data NULL,
and returning SVC_DENIED.

This causes svc_process_common to go to err_bad_auth, and eventually
call svc_authorise.  That calls ->release == svcauth_gss_release, which
tries to dereference rq_auth_data.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Link: https://lore.kernel.org/linux-nfs/3F1B347F-B809-478F-A1E9-0BE98E22B0F0@oracle.com/T/#t
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-04-07 15:00:04 +02:00
..
auth_gss rpc: fix NULL dereference on kmalloc failure 2021-04-07 15:00:04 +02:00
xprtrdma svcrdma: disable timeouts on rdma backchannel 2021-03-25 09:04:08 +01:00
addr.c net: sunrpc: interpret the return value of kstrtou32 correctly 2021-01-19 18:27:33 +01:00
auth.c sunrpc: add missing newline when printing parameter 'auth_hashtable_size' by sysfs 2020-06-11 13:33:48 -04:00
auth_null.c SUNRPC: Add rpc_auth::au_ralign field 2019-02-14 11:48:36 -05:00
auth_unix.c SUNRPC: Use the client user namespace when encoding creds 2019-04-26 16:24:32 -04:00
backchannel_rqst.c The one new feature this time, from Anna Schumaker, is READ_PLUS, which 2020-10-22 09:44:27 -07:00
cache.c sunrpc: raise kernel RPC channel buffer size 2020-10-20 13:21:30 -04:00
clnt.c SUNRPC: Clean up call_bind_status() observability 2020-09-21 10:21:09 -04:00
debugfs.c net: sunrpc: Fix 'snprintf' return value check in 'do_xprt_debugfs' 2020-12-30 11:53:30 +01:00
Kconfig SUNRPC: remove RC4-HMAC-MD5 support from KerberosV 2020-09-11 14:39:15 +10:00
Makefile SUNRPC: remove generic cred code. 2018-12-19 13:52:46 -05:00
netns.h
rpc_pipe.c sunrpc: destroy rpc_inode_cachep after unregister_filesystem 2020-07-17 13:12:44 -04:00
rpcb_clnt.c SUNRPC: Replace rpcbind dprintk call sites with tracepoints 2020-09-21 10:21:09 -04:00
sched.c SUNRPC: Set memalloc_nofs_save() for sync tasks 2021-03-17 17:06:33 +01:00
socklib.c skb_copy_and_csum_bits(): don't bother with the last argument 2020-08-20 15:45:13 -04:00
socklib.h SUNRPC: Refactor xs_sendpages() 2020-03-16 12:04:33 -04:00
stats.c proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
sunrpc.h Replace HTTP links with HTTPS ones: NFS, SUNRPC, and LOCKD clients 2020-09-21 10:21:10 -04:00
sunrpc_syms.c sunrpc: check that domain table is empty at module unload. 2020-05-28 18:15:00 -04:00
svc.c sunrpc: fix refcount leak for rpc auth modules 2021-03-25 09:04:08 +01:00
svc_xprt.c NFSD: Repair misuse of sv_lock in 5.10.16-rt30. 2021-03-25 09:04:08 +01:00
svcauth.c sunrpc: check that domain table is empty at module unload. 2020-05-28 18:15:00 -04:00
svcauth_unix.c sunrpc: Remove unused function ip_map_update 2020-05-06 16:00:11 -04:00
svcsock.c SUNRPC: Fix NFS READs that start at non-page-aligned offsets 2021-02-10 09:29:13 +01:00
sysctl.c net/sunrpc: fix useless comparison in proc_do_xprt() 2020-11-08 16:28:25 -05:00
timer.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
xdr.c The one new feature this time, from Anna Schumaker, is READ_PLUS, which 2020-10-22 09:44:27 -07:00
xprt.c SUNRPC: xprt_load_transport() needs to support the netid "rdma6" 2020-12-30 11:53:30 +01:00
xprtmultipath.c SUNRPC: Optimise transport balancing code 2019-07-18 14:43:52 -04:00
xprtsock.c sunrpc: fix xs_read_xdr_buf for partial pages receive 2020-12-30 11:53:53 +01:00