commit c99658fe970f442199733bcace1a00b087336a0d
author Al Viro <viro@zeniv.linux.org.uk> Thu Dec 24 02:27:30 2009 -0500
committer Al Viro <viro@zeniv.linux.org.uk> Fri Mar 05 09:01:22 2010 -0500
tree b9065b274d8f00639af43bbb8e4eaabcda5b559d
parent a1e28038df98e186807ff55a49c1c26d33d530a5

bail out with ELOOP earlier in do_link loop

If we'd passed through 32 trailing symlinks already, there's
no sense following the 33rd - we'll bail out anyway.  Better
bugger off earlier.

It *does* change behaviour, after a fashion - if the 33rd happens
to be a procfs-style symlink, original code *would* allow it.
This one will not.  Cry me a river if that hurts you.  Please, do.
And post a video of that, while you are at it.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

fs/namei.c

diff --git a/fs/namei.c b/fs/namei.c
index 976fc32..84f1ec3 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1873,7 +1873,7 @@
 
 do_link:
 	error = -ELOOP;
-	if (flag & O_NOFOLLOW)
+	if ((flag & O_NOFOLLOW) || count++ == 32)
 		goto exit_dput;
 	/*
 	 * This is subtle. Instead of calling do_follow_link() we do the
@@ -1915,11 +1915,6 @@
 		__putname(nd.last.name);
 		goto exit;
 	}
-	error = -ELOOP;
-	if (count++==32) {
-		__putname(nd.last.name);
-		goto exit;
-	}
 	filp = do_last(&nd, &path, open_flag, flag, acc_mode, mode,
 		       pathname, &is_link);
 	__putname(nd.last.name);