Opened 7 years ago
Last modified 7 years ago
#16836 closed defect
sf_unlink_aux: potential null pointer dereference on dentry — at Version 1
| Reported by: | ColinIanKing | Owned by: | |
|---|---|---|---|
| Component: | other | Version: | VirtualBox 5.1.22 |
| Keywords: | dentry null pointer dereference | Cc: | |
| Guest type: | Linux | Host type: | Linux |
Description
Function sf_unlink_aux() in vboxsf/dirops.c performs a dereference on dentry with the following call:
```c
err = sf_path_from_dentry(__func__, sf_g, sf_i, dentry, &path);
```
However, a few statements later dentry is being checked to see if it is a NULL pointer:
```c
if (   dentry
    && dentry->d_inode
    && ((dentry->d_inode->i_mode & S_IFLNK) == S_IFLNK))
    fFlags |= SHFL_REMOVE_SYMLINK;
```
Either that null pointer check is redundant or dentry really could be NULL, in which case the earlier call to sf_path_from_dentry with a null dentry can trip a null pointer dereference bug on dentry.
Anyhow, the current code looks suspect and should be fixed.
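The check-after-use ordering described in this ticket, next to a reordered form, as an added example that is not VirtualBox code. The structs, `path_from_dentry()`, both function names and the flag value are constructed stand-ins, and returning `-EINVAL` for a NULL dentry is an assumption about how a caller would want the error reported.

```c
#include <errno.h>
#include <string.h>
#include <sys/stat.h>
#ifndef S_IFLNK
#define S_IFLNK 0120000
#endif
#define SHFL_REMOVE_SYMLINK 0x4u /* placeholder value for this example */
/* Constructed stand-ins, not the kernel's definitions. */
struct inode  { unsigned int i_mode; };
struct dentry { const char *d_name; struct inode *d_inode; };

/* Stand-in for sf_path_from_dentry(): reads through dentry unconditionally. */
static int path_from_dentry(const struct dentry *dentry, char *path, size_t len)
{
    size_t n = strlen(dentry->d_name);  /* faults if dentry == NULL */
    if (n >= len)
        return -ENAMETOOLONG;
    memcpy(path, dentry->d_name, n + 1);
    return 0;
}

/* Ordering reported in the ticket: dereference first, NULL test afterwards. */
int unlink_flags_reported(const struct dentry *dentry, unsigned int *fFlags)
{
    char path[256];
    int err = path_from_dentry(dentry, path, sizeof(path));
    if (err)
        return err;
    *fFlags = 0;
    if (dentry && dentry->d_inode
        && ((dentry->d_inode->i_mode & S_IFLNK) == S_IFLNK))
        *fFlags |= SHFL_REMOVE_SYMLINK;
    return 0;
}

/* Reordered: validate dentry once, before the first dereference. */
int unlink_flags_checked(const struct dentry *dentry, unsigned int *fFlags)
{
    char path[256];
    if (!dentry)
        return -EINVAL;
    int err = path_from_dentry(dentry, path, sizeof(path));
    if (err)
        return err;
    *fFlags = 0;
    if (dentry->d_inode && ((dentry->d_inode->i_mode & S_IFLNK) == S_IFLNK))
        *fFlags |= SHFL_REMOVE_SYMLINK;
    return 0;
}
```

Because the reported ordering dereferences dentry first, an optimizing compiler may assume it is non-NULL and drop the later test; the Linux kernel is built with `-fno-delete-null-pointer-checks` for this reason.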

