[patch] Null dereference in ext4_ext

linux-ext4.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [patch] Null dereference in ext4_ext_migrate()
@ 2009-02-03  7:49 Dan Carpenter
  2009-02-16  1:06 ` Theodore Tso
  0 siblings, 1 reply; 2+ messages in thread
From: Dan Carpenter @ 2009-02-03  7:49 UTC (permalink / raw)
  To: aneesh.kumar; +Cc: linux-ext4, tytso, adilger

There is a potential null dereference of tmp_inode.

The patch also removes an unnecessary check for whether tmp_inode is null.

This was found through a code checker (http://repo.or.cz/w/smatch.git/). 
It looks like you might be able to trigger the error by trying to migrate 
a readonly file system.  I have only compile tested though, sorry.

regards,
dan carpenter

Signed-off-by: Dan Carpenter <error27@gmail.com>

--- orig/fs/ext4/migrate.c	2009-01-30 23:55:33.000000000 +0300
+++ devel/fs/ext4/migrate.c	2009-01-30 23:57:14.000000000 +0300
@@ -481,7 +481,7 @@
  					+ 1);
  	if (IS_ERR(handle)) {
  		retval = PTR_ERR(handle);
-		goto err_out;
+		return retval;
  	}
  	tmp_inode = ext4_new_inode(handle,
  				inode->i_sb->s_root->d_inode,
@@ -489,8 +489,7 @@
  	if (IS_ERR(tmp_inode)) {
  		retval = -ENOMEM;
  		ext4_journal_stop(handle);
-		tmp_inode = NULL;
-		goto err_out;
+		return retval;
  	}
  	i_size_write(tmp_inode, i_size_read(inode));
  	/*
@@ -618,8 +617,7 @@

  	ext4_journal_stop(handle);

-	if (tmp_inode)
-		iput(tmp_inode);
+	iput(tmp_inode);

  	return retval;
  }

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [patch] Null dereference in ext4_ext_migrate()
  2009-02-03  7:49 [patch] Null dereference in ext4_ext_migrate() Dan Carpenter
@ 2009-02-16  1:06 ` Theodore Tso
  0 siblings, 0 replies; 2+ messages in thread
From: Theodore Tso @ 2009-02-16  1:06 UTC (permalink / raw)
  To: Dan Carpenter; +Cc: aneesh.kumar, linux-ext4, adilger

On Tue, Feb 03, 2009 at 10:49:22AM +0300, Dan Carpenter wrote:
> There is a potential null dereference of tmp_inode.
>
> The patch also removes an unnecessary check for whether tmp_inode is null.
>
> This was found through a code checker (http://repo.or.cz/w/smatch.git/).  
> It looks like you might be able to trigger the error by trying to migrate 
> a readonly file system.  I have only compile tested though, sorry.

Thanks, I've included this in the ext4 patch queue to be pushed to Linus.

	     	      	      	       	     	   - Ted

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2009-02-16  2:56 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-02-03  7:49 [patch] Null dereference in ext4_ext_migrate() Dan Carpenter
2009-02-16  1:06 ` Theodore Tso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).