From: Eric Sandeen <sandeen@redhat.com>
To: Lukas Czerner <lczerner@redhat.com>
Cc: Shaohua Li <shaohua.li@intel.com>,
linux-ext4@vger.kernel.org, "Ted Ts'o" <tytso@mit.edu>
Subject: Re: [patch]check NULL pointer
Date: Thu, 09 Jun 2011 09:51:46 -0500 [thread overview]
Message-ID: <4DF0DE02.1090008@redhat.com> (raw)
In-Reply-To: <alpine.LFD.2.00.1106091112560.4138@dhcp-27-109.brq.redhat.com>
On 6/9/11 4:24 AM, Lukas Czerner wrote:
> On Thu, 9 Jun 2011, Shaohua Li wrote:
>
>> orig_data could be NULL.
>
> Now, that is the commit description :). Could you please be more
> descriptive in the "descritpion" ? Also the subject is not right either,
> please see Documentation/SubmittingPatches
Yes; if possible please use the commit message to describe how/why orig_data
can be NULL; a testcase if one exists; the resulting flaw (null pointer deref?)
etc.
something like:
Subject: [PATCH] ext4: check for NULL orig_data pointer in mount paths
The orig_data pointer in ext4_fill_super() and ext4_remount()
can be null if < ??? >, which can lead to < ??? > in the mount
and remount paths. This can be demonstrated by < ??? >.
To avoid this, we can simply test for the null pointer
and return an error in ext4_fill_super() and ext4_remount().
> Thanks!
> -Lukas
>
>>
>> Signed-off-by: Shaohua Li <shaohua.li@intel.com>
>>
>> diff --git a/fs/ext4/super.c b/fs/ext4/super.c
>> index cc5c157..45fc255 100644
>> --- a/fs/ext4/super.c
>> +++ b/fs/ext4/super.c
>> @@ -3057,6 +3057,8 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
>> unsigned int journal_ioprio = DEFAULT_JOURNAL_IOPRIO;
>> ext4_group_t first_not_zeroed;
>>
>> + if (!orig_data)
>> + return ret;
>
> Again no data, no reason for backing off.
orig_data could be NULL if *data is NULL, or if kstrdup got ENOMEM.
Anyway, please describe how the bug can arise, and then we can better evaluate the change.
Thanks!
-Eric
>> sbi = kzalloc(sizeof(*sbi), GFP_KERNEL);
>> if (!sbi)
>> goto out_free_orig;
>> @@ -4285,6 +4287,8 @@ static int ext4_remount(struct super_block *sb, int *flags, char *data)
>> #endif
>> char *orig_data = kstrdup(data, GFP_KERNEL);
>>
>> + if (!orig_data)
>> + return -ENOMEM;
>
>
> This does not seem right, it there is no data we will end with ENOMEM
> for no reason.
>
>> /* Store the original options */
>> lock_super(sb);
>> old_sb_flags = sb->s_flags;
>>
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>>
>
next prev parent reply other threads:[~2011-06-09 14:51 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-06-09 3:31 [patch]check NULL pointer Shaohua Li
2011-06-09 9:24 ` Lukas Czerner
2011-06-09 14:51 ` Eric Sandeen [this message]
2011-06-10 6:34 ` Shaohua Li
2011-06-10 8:32 ` Lukas Czerner
2011-06-13 7:30 ` Shaohua Li
2011-06-13 9:20 ` Lukas Czerner
2011-06-13 21:02 ` Ted Ts'o
2011-06-14 0:31 ` Shaohua Li
2011-06-14 10:07 ` Lukas Czerner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4DF0DE02.1090008@redhat.com \
--to=sandeen@redhat.com \
--cc=lczerner@redhat.com \
--cc=linux-ext4@vger.kernel.org \
--cc=shaohua.li@intel.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.