ANDROID: fuse-bpf: Add NULL pointer check in fuse_entry_revalidate
If userspace tried to add a backing file in a fuse_dentry_revalidate
where there wasn't one originally, this would trigger a crash. Disallow
this operation for now.
Bug: 296013218
Fixes: 57f3ff964899 ("ANDROID: fuse-bpf v1.1")
Test: fuse_test passes, following script no longer crashes:
adb shell su root setenforce 0
adb shell su root chmod ug+w /data/media
adb shell su root rm /data/media/Android -rf
adb shell su root mkdir -p /storage/emulated/Android/data/test
adb shell su root ls -l /storage/emulated/Android/data/test
Change-Id: Id8a67c43d1edfa010403d5f17e31109b796998cf
Signed-off-by: liujinbao1 <liujinbao1@xiaomi.corp-partner.google.com>
(cherry picked from commit e89b1266f784b2271af2e72a5d04e3e39d0afcdc)
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index 433363e70..ba4e7ea 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -183,7 +183,7 @@
int err;
bool ret = true;
- if (!entry) {
+ if (!entry || !fi->backing_inode) {
ret = false;
goto put_backing_file;
}