From e6b1059ffaeac794bf1a76fd35947c7c6ac4cb57 Mon Sep 17 00:00:00 2001
From: Marios Makassikis <mmakassikis@freebox.fr>
Date: Thu, 15 Apr 2021 10:24:56 +0900
Subject: [PATCH] cifsd: Fix potential null-ptr-deref in smb2_open()

Fix potential null-ptr-deref in smb2_open().

Signed-off-by: Marios Makassikis <mmakassikis@freebox.fr>
Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
---
 fs/cifsd/smb2pdu.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/fs/cifsd/smb2pdu.c b/fs/cifsd/smb2pdu.c
index 1ff0b20ff7b8..ba552b8f2127 100644
--- a/fs/cifsd/smb2pdu.c
+++ b/fs/cifsd/smb2pdu.c
@@ -2918,13 +2918,16 @@ int smb2_open(struct ksmbd_work *work)
 					fattr.cf_gid = inode->i_gid;
 					fattr.cf_mode = inode->i_mode;
 					fattr.cf_dacls = NULL;
+					ace_num = 0;
 
 					fattr.cf_acls = ksmbd_vfs_get_acl(inode, ACL_TYPE_ACCESS);
-					ace_num = fattr.cf_acls->a_count;
+					if (fattr.cf_acls)
+						ace_num = fattr.cf_acls->a_count;
 					if (S_ISDIR(inode->i_mode)) {
 						fattr.cf_dacls =
 							ksmbd_vfs_get_acl(inode, ACL_TYPE_DEFAULT);
-						ace_num += fattr.cf_dacls->a_count;
+						if (fattr.cf_dacls)
+							ace_num += fattr.cf_dacls->a_count;
 					}
 
 					pntsd = kmalloc(sizeof(struct smb_ntsd) +