[PATCH] btrfs: backref: this patch fixes a null pointer dereference bug.

Linux Btrfs filesystem development
 help / color / mirror / Atom feed

* [PATCH] btrfs: backref: this patch fixes a null pointer dereference bug.
@ 2020-08-06  6:31 Boleyn Su
  2020-08-06  6:45 ` Nikolay Borisov
  2020-08-06  7:03 ` Qu Wenruo
  0 siblings, 2 replies; 4+ messages in thread
From: Boleyn Su @ 2020-08-06  6:31 UTC (permalink / raw)
  Cc: Boleyn Su, Chris Mason, Josef Bacik, David Sterba, Boleyn Su,
	linux-btrfs

The `if (!ret)` check will always be false and it may result in ret->path
being dereferenced while it is a null pointer.

Fixes: a37f232b7b65 ("btrfs: backref: introduce the skeleton of btrfs_backref_iter")
Cc: Chris Mason <clm@fb.com>
Cc: Josef Bacik <josef@toxicpanda.com>
Cc: David Sterba <dsterba@suse.com>
Cc: Boleyn Su <boleyn.su@gmail.com>
Cc: linux-btrfs@vger.kernel.org
Signed-off-by: Boleyn Su <boleynsu@google.com>
---
 fs/btrfs/backref.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/btrfs/backref.c b/fs/btrfs/backref.c
index ea10f7bc9..ea1c28ccb 100644
--- a/fs/btrfs/backref.c
+++ b/fs/btrfs/backref.c
@@ -2303,7 +2303,7 @@ struct btrfs_backref_iter *btrfs_backref_iter_alloc(
 		return NULL;
 
 	ret->path = btrfs_alloc_path();
-	if (!ret) {
+	if (!ret->path) {
 		kfree(ret);
 		return NULL;
 	}
-- 
2.28.0.163.g6104cc2f0b6-goog


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] btrfs: backref: this patch fixes a null pointer dereference bug.
  2020-08-06  6:31 [PATCH] btrfs: backref: this patch fixes a null pointer dereference bug Boleyn Su
@ 2020-08-06  6:45 ` Nikolay Borisov
  2020-08-06  7:03 ` Qu Wenruo
  1 sibling, 0 replies; 4+ messages in thread
From: Nikolay Borisov @ 2020-08-06  6:45 UTC (permalink / raw)
  To: Boleyn Su; +Cc: Chris Mason, Josef Bacik, David Sterba, Boleyn Su, linux-btrfs



On 6.08.20 г. 9:31 ч., Boleyn Su wrote:
> The `if (!ret)` check will always be false and it may result in ret->path
> being dereferenced while it is a null pointer.
> 
> Fixes: a37f232b7b65 ("btrfs: backref: introduce the skeleton of btrfs_backref_iter")
> Cc: Chris Mason <clm@fb.com>
> Cc: Josef Bacik <josef@toxicpanda.com>
> Cc: David Sterba <dsterba@suse.com>
> Cc: Boleyn Su <boleyn.su@gmail.com>
> Cc: linux-btrfs@vger.kernel.org> Signed-off-by: Boleyn Su <boleynsu@google.com>

Reviewed-by: Nikolay Borisov <nborisov@suse.com>

> ---
>  fs/btrfs/backref.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/fs/btrfs/backref.c b/fs/btrfs/backref.c
> index ea10f7bc9..ea1c28ccb 100644
> --- a/fs/btrfs/backref.c
> +++ b/fs/btrfs/backref.c
> @@ -2303,7 +2303,7 @@ struct btrfs_backref_iter *btrfs_backref_iter_alloc(
>  		return NULL;
>  
>  	ret->path = btrfs_alloc_path();
> -	if (!ret) {
> +	if (!ret->path) {
>  		kfree(ret);
>  		return NULL;
>  	}
> 

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] btrfs: backref: this patch fixes a null pointer dereference bug.
  2020-08-06  6:31 [PATCH] btrfs: backref: this patch fixes a null pointer dereference bug Boleyn Su
  2020-08-06  6:45 ` Nikolay Borisov
@ 2020-08-06  7:03 ` Qu Wenruo
       [not found]   ` <CAJkxivDhyn9ZbNyhKgs1KcTjzz_2UFMVKDi0SLkvb=O3iZ4rZA@mail.gmail.com>
  1 sibling, 1 reply; 4+ messages in thread
From: Qu Wenruo @ 2020-08-06  7:03 UTC (permalink / raw)
  To: Boleyn Su; +Cc: Chris Mason, Josef Bacik, David Sterba, Boleyn Su, linux-btrfs


[-- Attachment #1.1: Type: text/plain, Size: 1042 bytes --]



On 2020/8/6 下午2:31, Boleyn Su wrote:
> The `if (!ret)` check will always be false and it may result in ret->path
> being dereferenced while it is a null pointer.
> 
> Fixes: a37f232b7b65 ("btrfs: backref: introduce the skeleton of btrfs_backref_iter")
> Cc: Chris Mason <clm@fb.com>
> Cc: Josef Bacik <josef@toxicpanda.com>
> Cc: David Sterba <dsterba@suse.com>
> Cc: Boleyn Su <boleyn.su@gmail.com>
> Cc: linux-btrfs@vger.kernel.org
> Signed-off-by: Boleyn Su <boleynsu@google.com>

Nice catch.

Reviewed-by: Qu Wenruo <wqu@suse.com>

Thanks,
Qu
> ---
>  fs/btrfs/backref.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/fs/btrfs/backref.c b/fs/btrfs/backref.c
> index ea10f7bc9..ea1c28ccb 100644
> --- a/fs/btrfs/backref.c
> +++ b/fs/btrfs/backref.c
> @@ -2303,7 +2303,7 @@ struct btrfs_backref_iter *btrfs_backref_iter_alloc(
>  		return NULL;
>  
>  	ret->path = btrfs_alloc_path();
> -	if (!ret) {
> +	if (!ret->path) {
>  		kfree(ret);
>  		return NULL;
>  	}
> 


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

[parent not found: <CAJkxivDhyn9ZbNyhKgs1KcTjzz_2UFMVKDi0SLkvb=O3iZ4rZA@mail.gmail.com>]

* Re: [PATCH] btrfs: backref: this patch fixes a null pointer dereference bug.
       [not found]   ` <CAJkxivDhyn9ZbNyhKgs1KcTjzz_2UFMVKDi0SLkvb=O3iZ4rZA@mail.gmail.com>
@ 2020-08-07  5:40     ` Qu Wenruo
  0 siblings, 0 replies; 4+ messages in thread
From: Qu Wenruo @ 2020-08-07  5:40 UTC (permalink / raw)
  To: Boleyn Su; +Cc: Chris Mason, Josef Bacik, David Sterba, Boleyn Su, linux-btrfs


[-- Attachment #1.1: Type: text/plain, Size: 2228 bytes --]



On 2020/8/7 上午11:34, Boleyn Su wrote:
> Thanks for the review. BTW, do I need to do anything else or just leave
> it to you?
>

If you mean adding the extra reviewed-by tags, no. It's handled by the
awesome maintainer David.

But if you mean to find more btrfs bugs, then keep going your awesome work!

Thanks,
Qu

> On Thu, Aug 6, 2020 at 4:04 PM Qu Wenruo <quwenruo.btrfs@gmx.com
> <mailto:quwenruo.btrfs@gmx.com>> wrote:
> 
> 
> 
>     On 2020/8/6 下午2:31, Boleyn Su wrote:
>     > The `if (!ret)` check will always be false and it may result in
>     ret->path
>     > being dereferenced while it is a null pointer.
>     >
>     > Fixes: a37f232b7b65 ("btrfs: backref: introduce the skeleton of
>     btrfs_backref_iter")
>     > Cc: Chris Mason <clm@fb.com <mailto:clm@fb.com>>
>     > Cc: Josef Bacik <josef@toxicpanda.com <mailto:josef@toxicpanda.com>>
>     > Cc: David Sterba <dsterba@suse.com <mailto:dsterba@suse.com>>
>     > Cc: Boleyn Su <boleyn.su@gmail.com <mailto:boleyn.su@gmail.com>>
>     > Cc: linux-btrfs@vger.kernel.org <mailto:linux-btrfs@vger.kernel.org>
>     > Signed-off-by: Boleyn Su <boleynsu@google.com
>     <mailto:boleynsu@google.com>>
> 
>     Nice catch.
> 
>     Reviewed-by: Qu Wenruo <wqu@suse.com <mailto:wqu@suse.com>>
> 
>     Thanks,
>     Qu
>     > ---
>     >  fs/btrfs/backref.c | 2 +-
>     >  1 file changed, 1 insertion(+), 1 deletion(-)
>     >
>     > diff --git a/fs/btrfs/backref.c b/fs/btrfs/backref.c
>     > index ea10f7bc9..ea1c28ccb 100644
>     > --- a/fs/btrfs/backref.c
>     > +++ b/fs/btrfs/backref.c
>     > @@ -2303,7 +2303,7 @@ struct btrfs_backref_iter
>     *btrfs_backref_iter_alloc(
>     >               return NULL;
>     > 
>     >       ret->path = btrfs_alloc_path();
>     > -     if (!ret) {
>     > +     if (!ret->path) {
>     >               kfree(ret);
>     >               return NULL;
>     >       }
>     >
> 
> 
> 
> -- 
> Boleyn Su (simplified Chinese: 苏蕉; traditional Chinese: 蘇蕉; Pinyin:
> Sū Jiāo; Katakana: スージャオ)
> 
> My PGP public key is available at boleyn.su/pgp <https://boleyn.su/pgp>.


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2020-08-07  5:41 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-08-06  6:31 [PATCH] btrfs: backref: this patch fixes a null pointer dereference bug Boleyn Su
2020-08-06  6:45 ` Nikolay Borisov
2020-08-06  7:03 ` Qu Wenruo
     [not found]   ` <CAJkxivDhyn9ZbNyhKgs1KcTjzz_2UFMVKDi0SLkvb=O3iZ4rZA@mail.gmail.com>
2020-08-07  5:40     ` Qu Wenruo

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox