diff options
| author | anton <anton@cvs.openbsd.org> | 2018-07-22 06:31:18 +0000 |
|---|---|---|
| committer | anton <anton@cvs.openbsd.org> | 2018-07-22 06:31:18 +0000 |
| commit | e46bbd452ab1774351ace29f5ab7725463294313 (patch) | |
| tree | 147b055ee9c8fe0e91b2e5b6b61ff6c1d1268efd /sys/kern | |
| parent | 7b1530f152f8d6b109c0e2e7406fdc6148b37d5f (diff) | |
Avoid a NULL pointer deref when calling fchown() on a file descriptor belonging
to a cloned device.
ok kettenis@
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/vfs_syscalls.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index bb3a3e5431f..ec5d7a853a8 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_syscalls.c,v 1.294 2018/07/13 09:36:00 beck Exp $ */ +/* $OpenBSD: vfs_syscalls.c,v 1.295 2018/07/22 06:31:17 anton Exp $ */ /* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */ /* @@ -2345,13 +2345,14 @@ sys_fchown(struct proc *p, void *v, register_t *retval) return (error); vp = fp->f_data; vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); - if (vp->v_mount->mnt_flag & MNT_RDONLY) + if (vp->v_mount && (vp->v_mount->mnt_flag & MNT_RDONLY)) error = EROFS; else { if ((error = pledge_chown(p, uid, gid))) goto out; if ((uid != -1 || gid != -1) && - (vp->v_mount->mnt_flag & MNT_NOPERM) == 0 && + (vp->v_mount && + (vp->v_mount->mnt_flag & MNT_NOPERM) == 0) && (suser(p) || suid_clear)) { error = VOP_GETATTR(vp, &vattr, p->p_ucred, p); if (error) |