Handle when filedescriptors are closed before initialized. An early

fdclose() call can cause fget_unlocked() to fail. Found by: mjg @ MFC after: 1 week Reviewed by: Mark Block <markb@mellanox.com> Sponsored by: Mellanox Technologies Differential Revision: https://reviews.freebsd.org/D4351
2015-12-31 14:47:45 +00:00 · 2015-12-31 14:47:45 +00:00 · b648035313
commit b648035313
parent 06204f8e25
1 changed files with 4 additions and 3 deletions
--- a/sys/compat/linuxkpi/common/include/linux/file.h
+++ b/sys/compat/linuxkpi/common/include/linux/file.h
@ -101,10 +101,11 @@ fd_install(unsigned int fd, struct linux_file *filp)

 	if (fget_unlocked(curthread->td_proc->p_fd, fd,
 	    cap_rights_init(&rights), &file, NULL) != 0) {
-		file = NULL;
+		filp->_file = NULL;
+	} else {
+		filp->_file = file;
+		finit(file, filp->f_mode, DTYPE_DEV, filp, &linuxfileops);
 	}
-	filp->_file = file;
-	finit(file, filp->f_mode, DTYPE_DEV, filp, &linuxfileops);

 	/* drop the extra reference */
 	fput(filp);