ecryptfs: checking return code of ecryptfs_find_auth_tok_for_sig()
authorRoberto Sassu <roberto.sassu@polito.it>
Wed, 6 Oct 2010 16:31:15 +0000 (18:31 +0200)
committerTyler Hicks <tyhicks@linux.vnet.ibm.com>
Fri, 29 Oct 2010 15:31:36 +0000 (10:31 -0500)
This patch replaces the check of the 'matching_auth_tok' pointer with
the exit status of ecryptfs_find_auth_tok_for_sig().
This avoids to use authentication tokens obtained through the function
ecryptfs_keyring_auth_tok_for_sig which are not valid.

Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Cc: Dustin Kirkland <kirkland@canonical.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
fs/ecryptfs/keystore.c

index b85c6a7..e7f029f 100644 (file)
@@ -1819,11 +1819,11 @@ find_next_matching_auth_tok:
                        rc = -EINVAL;
                        goto out_wipe_list;
                }
-               ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
+               rc = ecryptfs_find_auth_tok_for_sig(&auth_tok_key,
                                               &matching_auth_tok,
                                               crypt_stat->mount_crypt_stat,
                                               candidate_auth_tok_sig);
-               if (matching_auth_tok) {
+               if (!rc) {
                        found_auth_tok = 1;
                        goto found_matching_auth_tok;
                }