[PATCH] NFSv4.2: fix error handling in nfs42_proc

linux-nfs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] NFSv4.2: fix error handling in nfs42_proc_getxattr
@ 2023-07-25 11:58 Fedor Pchelkin
  2023-07-26 15:04 ` Benjamin Coddington
  0 siblings, 1 reply; 2+ messages in thread
From: Fedor Pchelkin @ 2023-07-25 11:58 UTC (permalink / raw)
  To: Trond Myklebust
  Cc: Fedor Pchelkin, Anna Schumaker, Frank van der Linden,
	Benjamin Coddington, linux-nfs, linux-kernel, Alexey Khoroshilov,
	lvc-project

There is a slight issue with error handling code inside
nfs42_proc_getxattr(). If page allocating loop fails then we free the
failing page array element which is NULL but __free_page() can't deal with
NULL args.

Found by Linux Verification Center (linuxtesting.org).

Fixes: a1f26739ccdc ("NFSv4.2: improve page handling for GETXATTR")
Signed-off-by: Fedor Pchelkin <pchelkin@ispras.ru>
---
 fs/nfs/nfs42proc.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/fs/nfs/nfs42proc.c b/fs/nfs/nfs42proc.c
index 63802d195556..49f78e23b34c 100644
--- a/fs/nfs/nfs42proc.c
+++ b/fs/nfs/nfs42proc.c
@@ -1377,7 +1377,6 @@ ssize_t nfs42_proc_getxattr(struct inode *inode, const char *name,
 	for (i = 0; i < np; i++) {
 		pages[i] = alloc_page(GFP_KERNEL);
 		if (!pages[i]) {
-			np = i + 1;
 			err = -ENOMEM;
 			goto out;
 		}
@@ -1401,8 +1400,8 @@ ssize_t nfs42_proc_getxattr(struct inode *inode, const char *name,
 	} while (exception.retry);
 
 out:
-	while (--np >= 0)
-		__free_page(pages[np]);
+	while (--i >= 0)
+		__free_page(pages[i]);
 	kfree(pages);
 
 	return err;
-- 
2.41.0


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] NFSv4.2: fix error handling in nfs42_proc_getxattr
  2023-07-25 11:58 [PATCH] NFSv4.2: fix error handling in nfs42_proc_getxattr Fedor Pchelkin
@ 2023-07-26 15:04 ` Benjamin Coddington
  0 siblings, 0 replies; 2+ messages in thread
From: Benjamin Coddington @ 2023-07-26 15:04 UTC (permalink / raw)
  To: Fedor Pchelkin
  Cc: Trond Myklebust, Anna Schumaker, Frank van der Linden, linux-nfs,
	linux-kernel, Alexey Khoroshilov, lvc-project

On 25 Jul 2023, at 7:58, Fedor Pchelkin wrote:

> There is a slight issue with error handling code inside
> nfs42_proc_getxattr(). If page allocating loop fails then we free the
> failing page array element which is NULL but __free_page() can't deal with
> NULL args.
>
> Found by Linux Verification Center (linuxtesting.org).
>
> Fixes: a1f26739ccdc ("NFSv4.2: improve page handling for GETXATTR")
> Signed-off-by: Fedor Pchelkin <pchelkin@ispras.ru>

Looks right to me,

Reviewed-by: Benjamin Coddington <bcodding@redhat.com>

Ben


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2023-07-26 15:07 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-07-25 11:58 [PATCH] NFSv4.2: fix error handling in nfs42_proc_getxattr Fedor Pchelkin
2023-07-26 15:04 ` Benjamin Coddington

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).