From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752752AbbC3JvA (ORCPT ); Mon, 30 Mar 2015 05:51:00 -0400 Received: from mx1.redhat.com ([209.132.183.28]:58615 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751792AbbC3Ju4 (ORCPT ); Mon, 30 Mar 2015 05:50:56 -0400 Message-ID: <1427709053.14176.4.camel@redhat.com> Subject: Re: [PATCH 3/4] [SMB3] Fix dereference before null check warning From: Sachin Prabhu To: Steve French Cc: linux-cifs@vger.kernel.org, linux-kernel@vger.kernel.org Date: Mon, 30 Mar 2015 10:50:53 +0100 In-Reply-To: <1427434082-4299-4-git-send-email-smfrench@gmail.com> References: <1427434082-4299-1-git-send-email-smfrench@gmail.com> <1427434082-4299-4-git-send-email-smfrench@gmail.com> Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 2015-03-27 at 00:28 -0500, Steve French wrote: > null tcon is not likely in these paths in current > code, but obviously it does clarify the code to > check for null (if at all) before derefrencing > rather than after. > > Reported by Coverity (CID 1042666) > > Signed-off-by: Steve French ACKed-by: Sachin Prabhu > --- > fs/cifs/smb2pdu.c | 13 ++++++++----- > 1 file changed, 8 insertions(+), 5 deletions(-) > > diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c > index 1b906de..78b329f 100644 > --- a/fs/cifs/smb2pdu.c > +++ b/fs/cifs/smb2pdu.c > @@ -1218,7 +1218,7 @@ SMB2_ioctl(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid, > struct smb2_ioctl_req *req; > struct smb2_ioctl_rsp *rsp; > struct TCP_Server_Info *server; > - struct cifs_ses *ses = tcon->ses; > + struct cifs_ses *ses; > struct kvec iov[2]; > int resp_buftype; > int num_iovecs; 
> @@ -1233,6 +1233,11 @@ SMB2_ioctl(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid, > if (plen) > *plen = 0; > > + if (tcon) > + ses = tcon->ses; > + else > + return -EIO; > + > if (ses && (ses->server)) > server = ses->server; > else > @@ -1296,14 +1301,12 @@ SMB2_ioctl(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid, > rsp = (struct smb2_ioctl_rsp *)iov[0].iov_base; > > if ((rc != 0) && (rc != -EINVAL)) { > - if (tcon) > - cifs_stats_fail_inc(tcon, SMB2_IOCTL_HE); > + cifs_stats_fail_inc(tcon, SMB2_IOCTL_HE); > goto ioctl_exit; > } else if (rc == -EINVAL) { > if ((opcode != FSCTL_SRV_COPYCHUNK_WRITE) && > (opcode != FSCTL_SRV_COPYCHUNK)) { > - if (tcon) > - cifs_stats_fail_inc(tcon, SMB2_IOCTL_HE); > + cifs_stats_fail_inc(tcon, SMB2_IOCTL_HE); > goto ioctl_exit; > } > }
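Review bot: in the hunk at -1233, the new tcon check is written as a positive test with the error return in the else branch; the usual kernel form is the early-exit guard `if (!tcon) return -EIO;` followed by an unconditional `ses = tcon->ses;`, which puts the failure path first and reads as a precondition. The check sits after the `if (plen) *plen = 0;` reset, so a caller passing a NULL tcon still gets *plen zeroed before -EIO is returned; that ordering is worth keeping. The else branch of the following `if (ses && (ses->server))` test is cut off in the context shown, so it is worth confirming that it returns the same error code, so that a NULL tcon and a NULL ses look alike to callers.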
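Review bot: in the hunk at -1296, both calls to cifs_stats_fail_inc(tcon, SMB2_IOCTL_HE) lose their `if (tcon)` guard, and that is safe only because of the early `return -EIO` added in the hunk at -1233; nothing local to this hunk shows it. The commit message mentions only checking for null before dereferencing, so it should also state that the later guards are dropped because tcon can no longer be NULL past the entry check. Without that, a later change that relaxes the early return would reintroduce a NULL dereference on these two error paths with no guard left to catch it.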