From 084013b8e040a1414f83e5574d2716019c180a11 Mon Sep 17 00:00:00 2001 From: Erez Zadok Date: Sat, 21 May 2011 01:19:59 -0400 Subject: VFS: move BUG_ON test for symlink nd->depth after current->link_count test commit 1a4022f88d40e1255920b017556092ab926d7f66 upstream. This solves a serious VFS-level bug in nested_symlink (which was rewritten from do_follow_link), and follows the order of depth tests that existed before. The bug triggers a BUG_ON in fs/namei.c:1381, when running racer with symlink and rename ops. Signed-off-by: Erez Zadok Acked-by: Miklos Szeredi Signed-off-by: Linus Torvalds Signed-off-by: Greg Kroah-Hartman --- fs/namei.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/namei.c b/fs/namei.c index e3c4f112ebf..6ff858c049c 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -1378,12 +1378,12 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) { int res; - BUG_ON(nd->depth >= MAX_NESTED_LINKS); if (unlikely(current->link_count >= MAX_NESTED_LINKS)) { path_put_conditional(path, nd); path_put(&nd->path); return -ELOOP; } + BUG_ON(nd->depth >= MAX_NESTED_LINKS); nd->depth++; current->link_count++; -- cgit v1.2.3-18-g5258