[PATCH] fs/bfs: Null check to prevent null-ptr-deref bug

Xiaochen Zou posted 1 patch 1 year, 11 months ago
Posted by Xiaochen Zou 1 year, 11 months ago
Similar to ea2b62f3058 (fs/sysv: Null check to prevent
null-ptr-deref bug), bfs lacks a return value check for
sb_getblk(). Add a null check to prevent a null-ptr-deref bug.

Signed-off-by: Xiaochen Zou <xzou017@ucr.edu>
---
 fs/bfs/file.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/bfs/file.c b/fs/bfs/file.c
index adc2230079c6..35688424bde3 100644
--- a/fs/bfs/file.c
+++ b/fs/bfs/file.c
@@ -39,6 +39,8 @@ static int bfs_move_block(unsigned long from, unsigned long to,
 	if (!bh)
 		return -EIO;
 	new = sb_getblk(sb, to);
+	if (unlikely(!new))
+		return -ENOMEM;
 	memcpy(new->b_data, bh->b_data, bh->b_size);
 	mark_buffer_dirty(new);
 	bforget(bh);
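Review bot: the new early `return -ENOMEM;` leaves `bh` held. It was obtained a few lines above (guarded by `if (!bh) return -EIO;`) and on the success path is released by the `bforget(bh)` that follows the memcpy, so this error path leaks the reference on `bh`. Release it before returning, e.g. `bforget(bh); return -ENOMEM;` (bforget rather than brelse, since the source block's contents are not needed once the move has failed), or restructure so the existing `bforget(bh)` is reached on both paths.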
-- 
2.25.1
Re: [PATCH] fs/bfs: Null check to prevent null-ptr-deref bug
Posted by Tigran Aivazian 1 year, 11 months ago
Hello,

On Fri, 5 Jan 2024 at 19:33, Xiaochen Zou <xzou017@ucr.edu> wrote:
> Similar to ea2b62f3058 (fs/sysv: Null check to prevent
> null-ptr-deref bug), bfs lacks a return value check for
> sb_getblk(). Add a null check to prevent a null-ptr-deref bug.

> diff --git a/fs/bfs/file.c b/fs/bfs/file.c
> index adc2230079c6..35688424bde3 100644
> --- a/fs/bfs/file.c
> +++ b/fs/bfs/file.c
> @@ -39,6 +39,8 @@ static int bfs_move_block(unsigned long from, unsigned long to,
>         if (!bh)
>                 return -EIO;
>         new = sb_getblk(sb, to);
> +       if (unlikely(!new))
> +               return -ENOMEM;

Thank you, yes, that makes sense. Please apply the patch.

Acknowledged-By: Tigran Aivazian <aivazian.tigran@gmail.com>
Re: [PATCH] fs/bfs: Null check to prevent null-ptr-deref bug
Posted by Christian A. Ehrhardt 1 year, 11 months ago
Hi,

On Sat, Jan 06, 2024 at 08:38:02AM +0000, Tigran Aivazian wrote:
> Hello,
> 
> On Fri, 5 Jan 2024 at 19:33, Xiaochen Zou <xzou017@ucr.edu> wrote:
> > Similar to ea2b62f3058 (fs/sysv: Null check to prevent
> > null-ptr-deref bug), bfs lacks a return value check for
> > sb_getblk(). Add a null check to prevent a null-ptr-deref bug.
> 
> > diff --git a/fs/bfs/file.c b/fs/bfs/file.c
> > index adc2230079c6..35688424bde3 100644
> > --- a/fs/bfs/file.c
> > +++ b/fs/bfs/file.c
> > @@ -39,6 +39,8 @@ static int bfs_move_block(unsigned long from, unsigned long to,
> >         if (!bh)
> >                 return -EIO;
> >         new = sb_getblk(sb, to);
> > +       if (unlikely(!new))
> > +               return -ENOMEM;
> 
> Thank you, yes, that makes sense. Please apply the patch.

What's with the bh in this case? Wouldn't we need a brelse or something?

> 
> Acknowledged-By: Tigran Aivazian <aivazian.tigran@gmail.com>

regards   Christian
Re: [PATCH] fs/bfs: Null check to prevent null-ptr-deref bug
Posted by Tigran Aivazian 1 year, 11 months ago
Hi,

On Sat, 6 Jan 2024 at 18:54, Christian A. Ehrhardt <lk@c--e.de> wrote:
> > >         if (!bh)
> > >                 return -EIO;
> > >         new = sb_getblk(sb, to);
> > > +       if (unlikely(!new))
> > > +               return -ENOMEM;
>
> What's with the bh in this case? Wouldn't we need a brelse or something?

Oh sorry, mea culpa et senecta :) Since the data has been read into bh,
I suppose we need bforget(bh) rather than brelse(bh) before
returning -ENOMEM above.

Kind regards,
Tigran