From: Pekka Enberg <[EMAIL PROTECTED]>
Fix a zero-length kmalloc in the case where there is nothing to revoke.
Signed-off-by: Pekka Enberg <[EMAIL PROTECTED]>
---
fs/revoke.c | 21 +++++++++------------
1 file changed, 9 insertions(+), 12 deletions(-)
Index: 26-mm/fs/revoke.c
===================================================================
--- 26-mm.orig/fs/revoke.c 2007-05-22 22:58:17.000000000 +0300
+++ 26-mm/fs/revoke.c 2007-05-22 23:01:17.000000000 +0300
@@ -547,22 +547,12 @@ static struct fileset *__alloc_revoke_fs
return NULL;
}
-static struct fileset *alloc_revoke_fset(struct inode *inode, struct file
*to_exclude)
-{
- unsigned long nr_fds;
-
- read_lock(&tasklist_lock);
- nr_fds = inode_fds(inode, to_exclude);
- read_unlock(&tasklist_lock);
-
- return __alloc_revoke_fset(nr_fds);
-}
-
static int do_revoke(struct inode *inode, struct file *to_exclude)
{
struct revoke_details details;
struct fileset *fset = NULL;
struct task_struct *g, *p;
+ unsigned long nr_fds;
int err = 0;
if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER)) {
@@ -576,11 +566,18 @@ static int do_revoke(struct inode *inode
goto out;
}
+ read_lock(&tasklist_lock);
+ nr_fds = inode_fds(inode, to_exclude);
+ read_unlock(&tasklist_lock);
+
+ if (!nr_fds)
+ goto out;
+
/*
* Pre-allocate memory because the first pass is done under
* tasklist_lock.
*/
- fset = alloc_revoke_fset(inode, to_exclude);
+ fset = __alloc_revoke_fset(nr_fds);
if (!fset) {
err = -ENOMEM;
goto out;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
