From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 29DF63C5CA5; Sat, 28 Feb 2026 17:39:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772300374; cv=none; b=tpucmjN3MNPsildPu7mRNZLTGjneZd020B6ZkDxsIIrMsa2Kgp4BVKXlHWd6mHZ1BTn2shCTOKa9pVAwnxWy2vjh/nJWlByf5O+f3vCDCgrQwmaMCJYoqAwG//oz5DKcMZ0INlt6rs/8ZJUq56AaGFs1ubYVPCYAWOtXmF7xGk0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1772300374; c=relaxed/simple; bh=p8922vCtxBCG5X3sTHGfzms+45v893kkBlH0TnDgQZs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=hgvEQOAlHka6gYMCF4bRh5c/KK/RL0Cvjm6K7wESY0cEh7J7HZE5GZnVz2t4vexo5K5yPi3d00RQ3jN5yIWLakwZa359TEoTqb87W9UJEJvhIHdLWeDB3tTdeMkyak4wf6S/KXH5AZOiPaIqEKPF0EqfaV+wGl7lRFb4MDI38Z8= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=fU6zCZWn; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="fU6zCZWn" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 608C9C116D0; Sat, 28 Feb 2026 17:39:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1772300374; bh=p8922vCtxBCG5X3sTHGfzms+45v893kkBlH0TnDgQZs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=fU6zCZWnt08WFbwYF0kAyyc+joSwgnhlxv2x980kB7VNCUoH3NoVwJvtcJDsqZP8J hq1aokkYhI+g0w50Vdi0NWS6aLIYIuqEPETXtvlRimJ0k5jvVV3PgtsbO3c76Py0xD m89IqWcAcX8Ke+Y0Keh6aZFx2b7Tn7xKQOL0zdD5KbQlqXIlmqfGLquVP9nbicB/ku Wcv3ZDfc8qw8gTiiAJ4iY5uSiNFIk934I2IGVs1ZLGX3yn0qMGm43tLG3YVI4lLwHx +yuiwy90b0Y+J7SRj0yA9gzOMLACWFAuwX6KB2puwQ4ns0xZAMCThFsAfAIHxGS6CX USQu2gmin2GRQ== From: Sasha Levin To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Konstantin Komarov , kernel test robot , Dan Carpenter , Sasha Levin Subject: [PATCH 6.19 409/844] fs/ntfs3: avoid calling run_get_entry() when run == NULL in ntfs_read_run_nb_ra() Date: Sat, 28 Feb 2026 12:25:22 -0500 Message-ID: <20260228173244.1509663-410-sashal@kernel.org> X-Mailer: git-send-email 2.51.0 In-Reply-To: <20260228173244.1509663-1-sashal@kernel.org> References: <20260228173244.1509663-1-sashal@kernel.org> Precedence: bulk X-Mailing-List: stable@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-stable: review X-Patchwork-Hint: Ignore Content-Transfer-Encoding: 8bit From: Konstantin Komarov [ Upstream commit c5226b96c08a010ebef5fdf4c90572bcd89e4299 ] When ntfs_read_run_nb_ra() is invoked with run == NULL the code later assumes run is valid and may call run_get_entry(NULL, ...), and also uses clen/idx without initializing them. Smatch reported uninitialized variable warnings and this can lead to undefined behaviour. This patch fixes it. Reported-by: kernel test robot Reported-by: Dan Carpenter Closes: https://lore.kernel.org/r/202512230646.v5hrYXL0-lkp@intel.com/ Signed-off-by: Konstantin Komarov Signed-off-by: Sasha Levin --- fs/ntfs3/fsntfs.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/fs/ntfs3/fsntfs.c b/fs/ntfs3/fsntfs.c index bd67ba7b50153..ea5b673462c35 100644 --- a/fs/ntfs3/fsntfs.c +++ b/fs/ntfs3/fsntfs.c @@ -1252,6 +1252,12 @@ int ntfs_read_run_nb(struct ntfs_sb_info *sbi, const struct runs_tree *run, } while (len32); + if (!run) { + err = -EINVAL; + goto out; + } + + /* Get next fragment to read. */ vcn_next = vcn + clen; if (!run_get_entry(run, ++idx, &vcn, &lcn, &clen) || vcn != vcn_next) { -- 2.51.0