This problem was previously fixed by commit ac2c63757f4f ("orangefs: Fix sb
refcount leak when allocate sb info failed.").
Add a judgement to fix NULL deference problem and also avoid refcount
leak problem.

Fixes: 9bf93dcfc453 ("Julia Lawall reported this null pointer dereference, this should fix it.")
Signed-off-by: Su Hui <suhui@nfschina.com>
---
ps: Thanks for Dan's suggestion[1].
[1]: https://lore.kernel.org/all/c4bf77fb-c289-4f5d-9f20-e0861a543d91@moroto.mountain/
 fs/orangefs/super.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fs/orangefs/super.c b/fs/orangefs/super.c
index 34849b4a3243..e189e1aae00b 100644
--- a/fs/orangefs/super.c
+++ b/fs/orangefs/super.c
@@ -527,7 +527,7 @@ struct dentry *orangefs_mount(struct file_system_type *fst,
 	sb->s_fs_info = kzalloc(sizeof(struct orangefs_sb_info_s), GFP_KERNEL);
 	if (!ORANGEFS_SB(sb)) {
 		d = ERR_PTR(-ENOMEM);
-		goto free_op;
+		goto free_sb_and_op;
 	}
 
 	ret = orangefs_fill_sb(sb,
@@ -581,7 +581,8 @@ struct dentry *orangefs_mount(struct file_system_type *fst,
 
 free_sb_and_op:
 	/* Will call orangefs_kill_sb with sb not in list. */
-	ORANGEFS_SB(sb)->no_list = 1;
+	if (ORANGEFS_SB(sb))
+		ORANGEFS_SB(sb)->no_list = 1;
 	/* ORANGEFS_VFS_OP_FS_UMOUNT is done by orangefs_kill_sb. */
 	deactivate_locked_super(sb);
 free_op:
-- 
2.30.2

On Fri, Feb 23, 2024 at 05:36:41PM +0800, Su Hui wrote:
> This problem was previously fixed by commit ac2c63757f4f ("orangefs: Fix sb
> refcount leak when allocate sb info failed.").
> Add a judgement to fix NULL deference problem and also avoid refcount
> leak problem.
> 
> Fixes: 9bf93dcfc453 ("Julia Lawall reported this null pointer dereference, this should fix it.")
> Signed-off-by: Su Hui <suhui@nfschina.com>
> ---
> ps: Thanks for Dan's suggestion[1].
> [1]: https://lore.kernel.org/all/c4bf77fb-c289-4f5d-9f20-e0861a543d91@moroto.mountain/

Thanks!

Reviewed-by: Dan Carpenter <dan.carpenter@linaro.org>

regards,
dan carpenter