smb3: fix possible access to uninitialized pointer to DACL

dacl_ptr can be null so we must check for it everywhere it is
used in build_sec_desc.

Addresses-Coverity: 1475598 ("Explicit null dereference")
Signed-off-by: Steve French <stfrench@microsoft.com>

diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c
index 5ec5d9d24032b30a9f54145ade760611fc428d96..388eb536cff15967ba64c12ab017a68ae9cdd72d 100644 (file)
--- a/fs/cifs/cifsacl.c
+++ b/fs/cifs/cifsacl.c
@@ -1294,7 +1294,7 @@ static int build_sec_desc(struct cifs_ntsd *pntsd, struct cifs_ntsd *pnntsd,
                ndacl_ptr = (struct cifs_acl *)((char *)pnntsd + ndacloffset);
                ndacl_ptr->revision =
                        dacloffset ? dacl_ptr->revision : cpu_to_le16(ACL_REVISION);
-               ndacl_ptr->num_aces = dacl_ptr->num_aces;
+               ndacl_ptr->num_aces = dacl_ptr ? dacl_ptr->num_aces : 0;
 
                if (uid_valid(uid)) { /* chown */
                        uid_t id;