[PATCH][next][V2] block: don't dereference a potential null bio pointer until is has been null check

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH][next][V2] block: don't dereference a potential null bio pointer until is has been null check
@ 2019-02-19 14:37 ` Colin King
  0 siblings, 0 replies; 4+ messages in thread
From: Colin King @ 2019-02-19 14:37 UTC (permalink / raw)
  To: Jens Axboe, linux-block; +Cc: kernel-janitors, linux-kernel

From: Colin Ian King <colin.king@canonical.com>

The bio pointer is being null checked hence it can be potentially null,
however earlier it is being derefefenced on the assignment of front_seg_size.
Avoid the dereference issue by only assigning front_seg_size after bios has
been null sanity checked.

Fixes: dcebd755926b ("block: use bio_for_each_bvec() to compute multi-page bvec count")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---

V2: remove front_seg_size assignment when it is declared

---
 block/blk-merge.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/block/blk-merge.c b/block/blk-merge.c
index bed065904677..096947413ea9 100644
--- a/block/blk-merge.c
+++ b/block/blk-merge.c
@@ -363,7 +363,7 @@ static unsigned int __blk_recalc_rq_segments(struct request_queue *q,
 	struct bio_vec bv, bvprv = { NULL };
 	int prev = 0;
 	unsigned int seg_size, nr_phys_segs;
-	unsigned front_seg_size = bio->bi_seg_front_size;
+	unsigned front_seg_size;
 	struct bio *fbio, *bbio;
 	struct bvec_iter iter;
 
@@ -379,6 +379,7 @@ static unsigned int __blk_recalc_rq_segments(struct request_queue *q,
 		return 1;
 	}
 
+	front_seg_size = bio->bi_seg_front_size;
 	fbio = bio;
 	seg_size = 0;
 	nr_phys_segs = 0;
-- 
2.20.1

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH][next][V2] block: don't dereference a potential null bio pointer until is has been null checked
@ 2019-02-19 14:37 ` Colin King
  0 siblings, 0 replies; 4+ messages in thread
From: Colin King @ 2019-02-19 14:37 UTC (permalink / raw)
  To: Jens Axboe, linux-block; +Cc: kernel-janitors, linux-kernel

From: Colin Ian King <colin.king@canonical.com>

The bio pointer is being null checked hence it can be potentially null,
however earlier it is being derefefenced on the assignment of front_seg_size.
Avoid the dereference issue by only assigning front_seg_size after bios has
been null sanity checked.

Fixes: dcebd755926b ("block: use bio_for_each_bvec() to compute multi-page bvec count")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---

V2: remove front_seg_size assignment when it is declared

---
 block/blk-merge.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/block/blk-merge.c b/block/blk-merge.c
index bed065904677..096947413ea9 100644
--- a/block/blk-merge.c
+++ b/block/blk-merge.c
@@ -363,7 +363,7 @@ static unsigned int __blk_recalc_rq_segments(struct request_queue *q,
 	struct bio_vec bv, bvprv = { NULL };
 	int prev = 0;
 	unsigned int seg_size, nr_phys_segs;
-	unsigned front_seg_size = bio->bi_seg_front_size;
+	unsigned front_seg_size;
 	struct bio *fbio, *bbio;
 	struct bvec_iter iter;
 
@@ -379,6 +379,7 @@ static unsigned int __blk_recalc_rq_segments(struct request_queue *q,
 		return 1;
 	}
 
+	front_seg_size = bio->bi_seg_front_size;
 	fbio = bio;
 	seg_size = 0;
 	nr_phys_segs = 0;
-- 
2.20.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH][next][V2] block: don't dereference a potential null bio pointer until is has been null c
  2019-02-19 14:37 ` [PATCH][next][V2] block: don't dereference a potential null bio pointer until is has been null checked Colin King
@ 2019-02-19 14:40   ` Dan Carpenter
  -1 siblings, 0 replies; 4+ messages in thread
From: Dan Carpenter @ 2019-02-19 14:40 UTC (permalink / raw)
  To: Colin King; +Cc: Jens Axboe, linux-block, kernel-janitors, linux-kernel

On Tue, Feb 19, 2019 at 02:37:02PM +0000, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
> 
> The bio pointer is being null checked hence it can be potentially null,
> however earlier it is being derefefenced on the assignment of front_seg_size.
> Avoid the dereference issue by only assigning front_seg_size after bios has
> been null sanity checked.
> 
> Fixes: dcebd755926b ("block: use bio_for_each_bvec() to compute multi-page bvec count")
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
> 
> V2: remove front_seg_size assignment when it is declared
> 
> ---
>  block/blk-merge.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/block/blk-merge.c b/block/blk-merge.c
> index bed065904677..096947413ea9 100644
> --- a/block/blk-merge.c
> +++ b/block/blk-merge.c
> @@ -363,7 +363,7 @@ static unsigned int __blk_recalc_rq_segments(struct request_queue *q,
>  	struct bio_vec bv, bvprv = { NULL };
>  	int prev = 0;
>  	unsigned int seg_size, nr_phys_segs;
> -	unsigned front_seg_size = bio->bi_seg_front_size;
> +	unsigned front_seg_size;

Smatch says bio is non-NULL but I didn't verify by hand.

regards,
dan carpenter

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH][next][V2] block: don't dereference a potential null bio pointer until is has been null checked
@ 2019-02-19 14:40   ` Dan Carpenter
  0 siblings, 0 replies; 4+ messages in thread
From: Dan Carpenter @ 2019-02-19 14:40 UTC (permalink / raw)
  To: Colin King; +Cc: Jens Axboe, linux-block, kernel-janitors, linux-kernel

On Tue, Feb 19, 2019 at 02:37:02PM +0000, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
> 
> The bio pointer is being null checked hence it can be potentially null,
> however earlier it is being derefefenced on the assignment of front_seg_size.
> Avoid the dereference issue by only assigning front_seg_size after bios has
> been null sanity checked.
> 
> Fixes: dcebd755926b ("block: use bio_for_each_bvec() to compute multi-page bvec count")
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
> 
> V2: remove front_seg_size assignment when it is declared
> 
> ---
>  block/blk-merge.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/block/blk-merge.c b/block/blk-merge.c
> index bed065904677..096947413ea9 100644
> --- a/block/blk-merge.c
> +++ b/block/blk-merge.c
> @@ -363,7 +363,7 @@ static unsigned int __blk_recalc_rq_segments(struct request_queue *q,
>  	struct bio_vec bv, bvprv = { NULL };
>  	int prev = 0;
>  	unsigned int seg_size, nr_phys_segs;
> -	unsigned front_seg_size = bio->bi_seg_front_size;
> +	unsigned front_seg_size;

Smatch says bio is non-NULL but I didn't verify by hand.

regards,
dan carpenter


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2019-02-19 14:40 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-02-19 14:37 [PATCH][next][V2] block: don't dereference a potential null bio pointer until is has been null check Colin King
2019-02-19 14:37 ` [PATCH][next][V2] block: don't dereference a potential null bio pointer until is has been null checked Colin King
2019-02-19 14:40 ` [PATCH][next][V2] block: don't dereference a potential null bio pointer until is has been null c Dan Carpenter
2019-02-19 14:40   ` [PATCH][next][V2] block: don't dereference a potential null bio pointer until is has been null checked Dan Carpenter

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.