
[PATCH V2] xfs: fix NULL pointer dereference in xfs_filestream_lookup_ag

To: Eric Sandeen <sandeen@xxxxxxxxxx>, xfs-oss <xfs@xxxxxxxxxxx>
Subject: [PATCH V2] xfs: fix NULL pointer dereference in xfs_filestream_lookup_ag()
From: Eric Sandeen <sandeen@xxxxxxxxxxx>
Date: Wed, 04 Mar 2015 15:08:21 -0600
Cc: Adrien Nader <adrien@xxxxxxxx>
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <54F61641.1010708@xxxxxxxxxx>
References: <54F61641.1010708@xxxxxxxxxx>

If xfs_filestream_get_parent() fails, we have a null pip,
goto out, and attempt to IRELE(NULL).  This causes a null
pointer dereference and BUG().

Fix this by directly returning NULLAGNUMBER in this case.

Reported-by: Adrien Nader <adrien@xxxxxxxx>
Signed-off-by: Eric Sandeen <sandeen@xxxxxxxxxx>

V2: skip the goto, because Dave doesn't like it.  ;)

diff --git a/fs/xfs/xfs_filestream.c b/fs/xfs/xfs_filestream.c
index a2e86e8..8f9f854 100644
--- a/fs/xfs/xfs_filestream.c
+++ b/fs/xfs/xfs_filestream.c
@@ -322,7 +322,7 @@ xfs_filestream_lookup_ag(
        pip = xfs_filestream_get_parent(ip);
        if (!pip)
-               goto out;
+               return NULLAGNUMBER;
        mru = xfs_mru_cache_lookup(mp->m_filestream, pip->i_ino);
        if (mru) {
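
Review bot: The early `return NULLAGNUMBER;` in the `if (!pip)` branch bypasses the whole `out:` label, which is not shown in this hunk, so the change is only safe if IRELE(pip) is the sole thing done there. The commit message names only IRELE(NULL) as the failing step; it would help to state explicitly that nothing else at `out:` is needed on this path, or to add a short comment at the return saying there is no parent reference to release yet. Separately, the "V2:" changelog line sits above the diff with no `---` separator visible, so as posted it would be recorded in the commit log; moving it below a `---` line keeps it out of history.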
