fs: handle failed audit_log_start properly

audit_log_start() may return NULL, this is unchecked by the caller in
audit_log_link_denied() and could cause a NULL ptr deref.

Introduced by commit a51d9eaa ("fs: add link restriction audit reporting").

Signed-off-by: Sasha Levin <[email protected]>
Signed-off-by: Al Viro <[email protected]>

diff --git a/kernel/audit.c b/kernel/audit.c
index 4d0ceede33194e4d29334899ce3c85dba141fb65..40414e9143db609b194b04e95c798351118f07b7 100644 (file)
--- a/kernel/audit.c
+++ b/kernel/audit.c
@@ -1440,6 +1440,8 @@ void audit_log_link_denied(const char *operation, struct path *link)
 
        ab = audit_log_start(current->audit_context, GFP_KERNEL,
                             AUDIT_ANOM_LINK);
+       if (!ab)
+               return;
        audit_log_format(ab, "op=%s action=denied", operation);
        audit_log_format(ab, " pid=%d comm=", current->pid);
        audit_log_untrustedstring(ab, current->comm);