| To: | Eric Sandeen <sandeen@xxxxxxxxxx> |
|---|---|
| Subject: | Re: [PATCH] xfs: don't release NULL pip in xfs_filestream_lookup_ag() |
| From: | Dave Chinner <david@xxxxxxxxxxxxx> |
| Date: | Wed, 4 Mar 2015 08:30:35 +1100 |
| Cc: | xfs-oss <xfs@xxxxxxxxxxx>, Adrien Nader <adrien@xxxxxxxx> |
| Delivered-to: | xfs@xxxxxxxxxxx |
| In-reply-to: | <54F61641.1010708@xxxxxxxxxx> |
| References: | <54F61641.1010708@xxxxxxxxxx> |
| User-agent: | Mutt/1.5.21 (2010-09-15) |
On Tue, Mar 03, 2015 at 02:14:57PM -0600, Eric Sandeen wrote:
> If xfs_filestream_get_parent() fails, we have a null pip,
> goto out, and attempt to IRELE(NULL). This causes a null
> pointer dereference and BUG().
>
> Fix this by testing for pip before trying to release it.
>
> Reported-by: Adrien Nader <adrien@xxxxxxxx>
> Signed-off-by: Eric Sandeen <sandeen@xxxxxxxxxx>
> ---
>
> diff --git a/fs/xfs/xfs_filestream.c b/fs/xfs/xfs_filestream.c
> index a2e86e8..fb09a63 100644
> --- a/fs/xfs/xfs_filestream.c
> +++ b/fs/xfs/xfs_filestream.c
> @@ -348,7 +348,8 @@ xfs_filestream_lookup_ag(
> if (xfs_filestream_pick_ag(pip, startag, &ag, 0, 0))
> ag = NULLAGNUMBER;
> out:
> - IRELE(pip);
> + if (pip)
> + IRELE(pip);
> return ag;
> }
>
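Review bot: the `if (pip)` guard at the `out:` label makes the release conditional for every path that reaches `out`, not only the one the commit message describes (xfs_filestream_get_parent() failing). That can hide a NULL pip arriving there for some other reason later on. Handling the failure where it is detected keeps the cleanup at `out:` unconditional. Separately, this path still ends in `return ag;`, and the initialisation of `ag` is not visible in the hunk. Please confirm that it holds NULLAGNUMBER when get_parent fails, or return that value explicitly.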
I'd just convert the error case when get_parent fails to:

	if (!pip)
		return NULLAGNUMBER;

rather than using the goto and adding conditional cleanup for this
case.

Cheers,
Dave.
--
Dave Chinner
david@xxxxxxxxxxxxx