linux-cifs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Namjae Jeon <linkinjeon@kernel.org>
To: Dan Carpenter <dan.carpenter@linaro.org>
Cc: namjae.jeon@samsung.com, linux-cifs@vger.kernel.org
Subject: Re: [bug report] cifsd: add server-side procedures for SMB3
Date: Fri, 26 May 2023 23:38:06 +0900	[thread overview]
Message-ID: <CAKYAXd_=Y+oA43PFx9Eye_=ERkqhATFBnB_YCd35p8g89Ghjng@mail.gmail.com> (raw)
In-Reply-To: <74f5237c-50a4-4117-8e6e-62c2de48c2c8@kili.mountain>

2023-05-26 20:56 GMT+09:00, Dan Carpenter <dan.carpenter@linaro.org>:
> Hello Namjae Jeon,
>
> The patch e2f34481b24d: "cifsd: add server-side procedures for SMB3"
> from Mar 16, 2021, leads to the following Smatch static checker
> warning:
>
> fs/smb/server/smbacl.c:1296 smb_check_perm_dacl()
>     error: 'posix_acls' dereferencing possible ERR_PTR()
> fs/smb/server/vfs.c:1323 ksmbd_vfs_make_xattr_posix_acl()
>     error: 'posix_acls' dereferencing possible ERR_PTR()
> fs/smb/server/vfs.c:1830 ksmbd_vfs_inherit_posix_acl()
>     error: 'acls' dereferencing possible ERR_PTR()
I will fix it.
Thanks for your report!
>
> fs/smb/server/smbacl.c
>     1281         if (*pdaccess & FILE_MAXIMAL_ACCESS_LE && found) {
>     1282                 granted = READ_CONTROL | WRITE_DAC |
> FILE_READ_ATTRIBUTES |
>     1283                         DELETE;
>     1284
>     1285                 granted |= le32_to_cpu(ace->access_req);
>     1286
>     1287                 if (!pdacl->num_aces)
>     1288                         granted = GENERIC_ALL_FLAGS;
>     1289         }
>     1290
>     1291         if (IS_ENABLED(CONFIG_FS_POSIX_ACL)) {
>     1292                 posix_acls = get_inode_acl(d_inode(path->dentry),
> ACL_TYPE_ACCESS);
>
> __get_acl() returns a mix of error pointers and NULL.  I don't really
> understand the rules here.  There are no comments explaining it.
>
>     1293                 if (posix_acls && !found) {
>     1294                         unsigned int id = -1;
>     1295
> --> 1296                         pa_entry = posix_acls->a_entries;
>                                             ^^^^^^^^^^^^
> Potential error pointer dereference.
>
>     1297                         for (i = 0; i < posix_acls->a_count; i++,
> pa_entry++) {
>     1298                                 if (pa_entry->e_tag == ACL_USER)
>     1299                                         id =
> posix_acl_uid_translate(idmap, pa_entry);
>     1300                                 else if (pa_entry->e_tag ==
> ACL_GROUP)
>     1301                                         id =
> posix_acl_gid_translate(idmap, pa_entry);
>     1302                                 else
>
> regards,
> dan carpenter
>

  reply	other threads:[~2023-05-26 14:38 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-05-26 11:56 [bug report] cifsd: add server-side procedures for SMB3 Dan Carpenter
2023-05-26 14:38 ` Namjae Jeon [this message]
  -- strict thread matches above, loose matches on Subject: below --
2021-11-30 11:54 Dan Carpenter
2021-11-30 23:59 ` Hyunchul Lee
2021-12-01  1:57 ` Namjae Jeon
2021-07-08 11:30 Dan Carpenter

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAKYAXd_=Y+oA43PFx9Eye_=ERkqhATFBnB_YCd35p8g89Ghjng@mail.gmail.com' \
    --to=linkinjeon@kernel.org \
    --cc=dan.carpenter@linaro.org \
    --cc=linux-cifs@vger.kernel.org \
    --cc=namjae.jeon@samsung.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).