Opened 8 years ago
Closed 8 years ago
#16836 closed defect (fixed)
sf_unlink_aux: potential null pointer dereference on dentry
| Reported by: | ColinIanKing | Owned by: | |
|---|---|---|---|
| Component: | other | Version: | VirtualBox 5.1.22 |
| Keywords: | dentry null pointer dereference | Cc: | |
| Guest type: | Linux | Host type: | Linux |
Description (last modified by )
Function sf_unlink_aux() in vboxsf/dirops.c performs a dereference on dentry with the following call:
err = sf_path_from_dentry(__func__, sf_g, sf_i, dentry, &path);
However, a few statements later dentry is being checked to see if it is a NULL pointer:
if ( dentry
&& dentry->d_inode
&& ((dentry->d_inode->i_mode & S_IFLNK) == S_IFLNK))
fFlags |= SHFL_REMOVE_SYMLINK;
Either that null pointer check is redundant or it dentry really could be NULL, in which case the earlier call to sf_path_from_dentry with a null dentry can trip a null pointer deference bug on dentry.
Anyhow, the current code looks suspect and should be fixed.
Change History (2)
comment:1 by , 8 years ago
| Description: | modified (diff) |
|---|
comment:2 by , 8 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
denry is never NULL. The check is superfluous. Fixed the code but it's not necessary to open tickets for such trivial issues.