From c99658fe970f442199733bcace1a00b087336a0d Mon Sep 17 00:00:00 2001
From: Al Viro <viro@zeniv.linux.org.uk>
Date: Thu, 24 Dec 2009 02:27:30 -0500
Subject: [PATCH] bail out with ELOOP earlier in do_link loop

If we'd passed through 32 trailing symlinks already, there's
no sense following the 33rd - we'll bail out anyway.  Better
bugger off earlier.

It *does* change behaviour, after a fashion - if the 33rd happens
to be a procfs-style symlink, original code *would* allow it.
This one will not.  Cry me a river if that hurts you.  Please, do.
And post a video of that, while you are at it.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---
 fs/namei.c | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/fs/namei.c b/fs/namei.c
index 976fc32..84f1ec3 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1873,7 +1873,7 @@ exit_parent:
 
 do_link:
 	error = -ELOOP;
-	if (flag & O_NOFOLLOW)
+	if ((flag & O_NOFOLLOW) || count++ == 32)
 		goto exit_dput;
 	/*
 	 * This is subtle. Instead of calling do_follow_link() we do the
@@ -1915,11 +1915,6 @@ do_link:
 		__putname(nd.last.name);
 		goto exit;
 	}
-	error = -ELOOP;
-	if (count++==32) {
-		__putname(nd.last.name);
-		goto exit;
-	}
 	filp = do_last(&nd, &path, open_flag, flag, acc_mode, mode,
 		       pathname, &is_link);
 	__putname(nd.last.name);
-- 
1.8.2.3