
Re: [PATCH] xfs: don't release NULL pip in xfs_filestream_lookup_ag()

To: Eric Sandeen <sandeen@xxxxxxxxxx>
Subject: Re: [PATCH] xfs: don't release NULL pip in xfs_filestream_lookup_ag()
From: Dave Chinner <david@xxxxxxxxxxxxx>
Date: Wed, 4 Mar 2015 08:30:35 +1100
Cc: xfs-oss <xfs@xxxxxxxxxxx>, Adrien Nader <adrien@xxxxxxxx>
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <54F61641.1010708@xxxxxxxxxx>
References: <54F61641.1010708@xxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)

On Tue, Mar 03, 2015 at 02:14:57PM -0600, Eric Sandeen wrote:
> If xfs_filestream_get_parent() fails, we have a null pip,
> goto out, and attempt to IRELE(NULL).  This causes a null
> pointer dereference and BUG().
> 
> Fix this by testing for pip before trying to release it.
> 
> Reported-by: Adrien Nader <adrien@xxxxxxxx>
> Signed-off-by: Eric Sandeen <sandeen@xxxxxxxxxx>
> ---
> 
> diff --git a/fs/xfs/xfs_filestream.c b/fs/xfs/xfs_filestream.c
> index a2e86e8..fb09a63 100644
> --- a/fs/xfs/xfs_filestream.c
> +++ b/fs/xfs/xfs_filestream.c
> @@ -348,7 +348,8 @@ xfs_filestream_lookup_ag(
>       if (xfs_filestream_pick_ag(pip, startag, &ag, 0, 0))
>               ag = NULLAGNUMBER;
>  out:
> -     IRELE(pip);
> +     if (pip)
> +             IRELE(pip);
>       return ag;
>  }
>  
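
Review bot: at the `out:` label, the new `if (pip)` guard makes the release conditional for every path that jumps there, yet the commit message names only one path (xfs_filestream_get_parent() failing) that arrives with pip NULL. Handling that failure at its own site with a direct return would leave `IRELE(pip)` unconditional for the remaining paths; if the guard stays, a one-line comment naming the NULL case would help. Either way, please confirm that `ag` already holds NULLAGNUMBER on that path, since `return ag` is then reached without the xfs_filestream_pick_ag() call and the initialisation of `ag` is outside this hunk.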

I'd just convert the error case when get_parent fails to:

        if (!pip)
                return NULLAGNUMBER;

rather than using the goto and adding conditional cleanup for this
case.

Cheers,

Dave.
-- 
Dave Chinner
david@xxxxxxxxxxxxx
