[PATCH] eCryptfs: fix possible NULL ptr deref in ecryptfs_d_release()

ecryptfs_d_release() first dereferences a pointer (via
ecryptfs_dentry_to_lower()) and then afterwards checks to see if the
pointer it just dereferenced is NULL (via ecryptfs_dentry_to_private()).

This patch moves all of the work done on the dereferenced pointer inside a
block governed by the condition that the pointer is non-NULL.

Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

diff --git a/fs/ecryptfs/dentry.c b/fs/ecryptfs/dentry.c
index 329efcd3d8c9d672a66799390d5adeceb5150604..cb20b964419f8061bdf7391707a92ab0825c0716 100644 (file)
--- a/fs/ecryptfs/dentry.c
+++ b/fs/ecryptfs/dentry.c
@@ -78,18 +78,13 @@ struct kmem_cache *ecryptfs_dentry_info_cache;
  */
 static void ecryptfs_d_release(struct dentry *dentry)
 {
-       struct dentry *lower_dentry;
-
-       lower_dentry = ecryptfs_dentry_to_lower(dentry);
-       if (ecryptfs_dentry_to_private(dentry))
+       if (ecryptfs_dentry_to_private(dentry)) {
+               if (ecryptfs_dentry_to_lower(dentry)) {
+                       mntput(ecryptfs_dentry_to_lower_mnt(dentry));
+                       dput(ecryptfs_dentry_to_lower(dentry));
+               }
                kmem_cache_free(ecryptfs_dentry_info_cache,
                                ecryptfs_dentry_to_private(dentry));
-       if (lower_dentry) {
-               struct vfsmount *lower_mnt =
-                       ecryptfs_dentry_to_lower_mnt(dentry);
-
-               mntput(lower_mnt);
-               dput(lower_dentry);
        }
        return;
 }