1. Patchew
  2. linux
  3. View series

[PATCH] pstore/zone: fix return value for psz_init_zones

Eugen Hristev posted 1 patch 11 months ago 
fs/pstore/zone.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] pstore/zone: fix return value for psz_init_zones
Posted by Eugen Hristev 11 months ago 
psz_init_zones is not supposed to return NULL. It returns an errno,
and its caller always checks for an errno to look for a problem.
If the caller receives a NULL as a return, this code will go further
without any errors:

        cxt->kpszs = psz_init_zones(PSTORE_TYPE_DMESG, &off,
                        info->total_size - off_size,
                        info->kmsg_size, &cxt->kmsg_max_cnt);
        if (IS_ERR(cxt->kpszs)) {
                err = PTR_ERR(cxt->kpszs);
                cxt->kpszs = NULL;
                goto free_out;
        }

Later, when dereferencing kpszs, a panic would occur.

Thus, to avoid this possible crash, it's better to avoid returning NULL
in psz_init_zones, and just return -EINVAL if the parameters received
are wrong (in this case, a zero size request).

Fixes: d26c3321fe18 ("pstore/zone: Introduce common layer to manage storage zones")
Signed-off-by: Eugen Hristev <eugen.hristev@linaro.org>
---
 fs/pstore/zone.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/pstore/zone.c b/fs/pstore/zone.c
index 5fa2fa2e7aa7..dbafc72a2f68 100644
--- a/fs/pstore/zone.c
+++ b/fs/pstore/zone.c
@@ -1204,7 +1204,7 @@ static struct pstore_zone **psz_init_zones(enum pstore_type_id type,
 
 	*cnt = 0;
 	if (!total_size || !record_size)
-		return NULL;
+		return ERR_PTR(-EINVAL);
 
 	if (*off + total_size > info->total_size) {
 		pr_err("no room for zones %s (0x%zx@0x%llx over 0x%lx)\n",
-- 
2.43.0
Re: [PATCH] pstore/zone: fix return value for psz_init_zones
Posted by Eugen Hristev 11 months ago 

On 1/21/25 17:06, Eugen Hristev wrote:
> psz_init_zones is not supposed to return NULL. It returns an errno,
> and its caller always checks for an errno to look for a problem.
> If the caller receives a NULL as a return, this code will go further
> without any errors:
> 
>         cxt->kpszs = psz_init_zones(PSTORE_TYPE_DMESG, &off,
>                         info->total_size - off_size,
>                         info->kmsg_size, &cxt->kmsg_max_cnt);
>         if (IS_ERR(cxt->kpszs)) {
>                 err = PTR_ERR(cxt->kpszs);
>                 cxt->kpszs = NULL;
>                 goto free_out;
>         }
> 
> Later, when dereferencing kpszs, a panic would occur.
> 
> Thus, to avoid this possible crash, it's better to avoid returning NULL
> in psz_init_zones, and just return -EINVAL if the parameters received
> are wrong (in this case, a zero size request).

Please disregard this patch. I found a case when NULL is being used
meaningfully so I have to find a better way to handle this.

Sorry for the noise.

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.