| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 06 Nov 2018 12:30:49 +0300
From: Kirill Tkhai <ktkhai@...tuozzo.com>
To: miklos@...redi.hu, ktkhai@...tuozzo.com,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 4/6] fuse: Check for FR_SENT bit in fuse_dev_do_write()
It's not possible to have answer to a request,
before the request is actually sent. Add sanity
check for that.
Signed-off-by: Kirill Tkhai <ktkhai@...tuozzo.com>
---
fs/fuse/dev.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c
index 739968ee8b0c..c603f1ebf0fd 100644
--- a/fs/fuse/dev.c
+++ b/fs/fuse/dev.c
@@ -1947,7 +1947,7 @@ static ssize_t fuse_dev_do_write(struct fuse_dev *fud,
goto err_unlock_pq;
req = request_find(fpq, oh.unique & ~FUSE_INT_REQ_BIT);
- if (!req)
+ if (!req || !test_bit(FR_SENT, &req->flags))
goto err_unlock_pq;
/* Is it an interrupt reply ID? */
Powered by blists - more mailing lists