linux/net/ceph
Dan Carpenter 00c8ebb360 libceph: NULL deref on osdmap_apply_incremental() error path
There are hidden gotos in the ceph_decode_* macros.  We need to set the
"err" variable on these error paths otherwise we end up returning
ERR_PTR(0) which is NULL.  It causes NULL dereferences in the callers.

Fixes: 6f428df47d ("libceph: pg_upmap[_items] infrastructure")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
[idryomov@gmail.com: similar bug in osdmap_decode(), changelog tweak]
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
2017-07-17 14:54:58 +02:00
..
crush crush: remove an obsolete comment 2017-07-07 17:25:19 +02:00
armor.c
auth_none.c libceph: rename ceph_entity_name_encode() -> ceph_auth_entity_name_encode() 2016-08-24 23:49:15 +02:00
auth_none.h libceph: make authorizer destruction independent of ceph_auth_client 2016-04-25 20:54:13 +02:00
auth_x_protocol.h
auth_x.c libceph: fix error handling in process_one_ticket() 2017-05-23 20:32:28 +02:00
auth_x.h libceph: rename and align ceph_x_authorizer::reply_buf 2016-12-12 23:09:19 +01:00
auth.c libceph: drop len argument of *verify_authorizer_reply() 2016-12-12 23:09:21 +01:00
buffer.c
ceph_common.c Add wait_for_random_bytes() and get_random_*_wait() functions so that 2017-07-15 12:44:02 -07:00
ceph_fs.c libceph: fix legacy layout decode with pool 0 2016-11-10 20:13:08 +01:00
ceph_hash.c
ceph_strings.c rbd: support for exclusive-lock feature 2016-08-24 23:49:16 +02:00
cls_lock_client.c rbd: support updating the lock cookie without releasing the lock 2017-05-04 09:19:23 +02:00
crypto.c sched/headers: Prepare to move the memalloc_noio_*() APIs to <linux/sched/mm.h> 2017-03-02 08:42:33 +01:00
crypto.h libceph: stop allocating a new cipher on every crypto request 2016-12-12 23:09:20 +01:00
debugfs.c libceph: osd_state is 32 bits wide in luminous 2017-07-07 17:25:19 +02:00
Kconfig
Makefile libceph: support for advisory locking on RADOS objects 2016-08-24 23:49:15 +02:00
messenger.c libceph: ceph_connection_operations::reencode_message() method 2017-07-07 17:25:15 +02:00
mon_client.c libceph: support SERVER_JEWEL feature bits 2017-07-07 17:25:15 +02:00
msgpool.c libceph: fix some missing includes 2016-07-28 02:55:35 +02:00
osd_client.c libceph: respect RADOS_BACKOFF backoffs 2017-07-07 17:25:17 +02:00
osdmap.c libceph: NULL deref on osdmap_apply_incremental() error path 2017-07-17 14:54:58 +02:00
pagelist.c libceph: convert ceph_pagelist.refcnt from atomic_t to refcount_t 2017-05-04 09:19:19 +02:00
pagevec.c mm: replace get_user_pages_unlocked() write/force parameters with gup_flags 2016-10-18 14:13:37 -07:00
snapshot.c libceph: convert ceph_snap_context.nref from atomic_t to refcount_t 2017-05-04 09:19:18 +02:00
string_table.c libceph: using kfree_rcu() to simplify the code 2016-08-08 21:41:42 +02:00