xfs
[Top] [All Lists]

[PATCH] xfsprogs/quota: fix NULL pointer dereference in report_f

To: "xfs@xxxxxxxxxxx" <xfs@xxxxxxxxxxx>
Subject: [PATCH] xfsprogs/quota: fix NULL pointer dereference in report_f
From: Jeff Liu <jeff.liu@xxxxxxxxxx>
Date: Thu, 14 Nov 2013 17:49:57 +0800
Delivered-to: xfs@xxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0
From: Jie Liu <jeff.liu@xxxxxxxxxx>

Run xfs_quota report against an invalid XFS path without desired quota
limitation is enabled will hit SEGSEGV as fs_path is uninitialized, e.g.

# xfs_quota -xc 'report -up' /invalid_path
xfs_quota: cannot setup path for mount /invalid_path: No such file or directory
Segmentation fault (core dumped)

(gdb) r -xc 'report -up' /invalid_path
xfs_quota: cannot setup path for mount /invalid_path: No such file or directory

Program received signal SIGSEGV, Segmentation fault.
0x0000000000408b4d in report_f (argc=2, argv=0x105ea70) at report.c:627
627                     else if (fs_path->fs_flags & FS_MOUNT_POINT)

This patch fix report_f() to only do report if the fs_path is initialized.

Signed-off-by: Jie Liu <jeff.liu@xxxxxxxxxx>
---
 quota/report.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/quota/report.c b/quota/report.c
index 70894a2..8e3316e 100644
--- a/quota/report.c
+++ b/quota/report.c
@@ -624,7 +624,7 @@ report_f(
                if (flags & ALL_MOUNTS_FLAG)
                        report_any_type(fp, form, type, NULL,
                                        lower, upper, flags);
-               else if (fs_path->fs_flags & FS_MOUNT_POINT)
+               else if (fs_path && (fs_path->fs_flags & FS_MOUNT_POINT))
                        report_any_type(fp, form, type, fs_path->fs_dir,
                                        lower, upper, flags);
        } else while (argc > optind) {
-- 
1.8.3.2

<Prev in Thread] Current Thread [Next in Thread>