[bug report] cifs: reduce roundtrips on create/qinfo requests


 



Hello Paulo Alcantara,

The patch c877ce47e137: "cifs: reduce roundtrips on create/qinfo
requests" from Dec 12, 2022, leads to the following Smatch static
checker warning:

	fs/cifs/smb2ops.c:865 smb2_is_path_accessible()
	warn: variable dereferenced before check 'cifs_sb' (see line 834)

fs/cifs/smb2ops.c
    811 static int
    812 smb2_is_path_accessible(const unsigned int xid, struct cifs_tcon *tcon,
    813                         struct cifs_sb_info *cifs_sb, const char *full_path)
    814 {
    815         __le16 *utf16_path;
    816         __u8 oplock = SMB2_OPLOCK_LEVEL_NONE;
    817         int err_buftype = CIFS_NO_BUFFER;
    818         struct cifs_open_parms oparms;
    819         struct kvec err_iov = {};
    820         struct cifs_fid fid;
    821         struct cached_fid *cfid;
    822         bool islink;
    823         int rc, rc2;
    824 
    825         rc = open_cached_dir(xid, tcon, full_path, cifs_sb, true, &cfid);
    826         if (!rc) {
    827                 if (cfid->has_lease) {
    828                         close_cached_dir(cfid);
    829                         return 0;
    830                 }
    831                 close_cached_dir(cfid);
    832         }
    833 
    834         utf16_path = cifs_convert_path_to_utf16(full_path, cifs_sb);
                                                                   ^^^^^^^
cifs_sb is dereferenced without a NULL check inside cifs_convert_path_to_utf16().

    835         if (!utf16_path)
    836                 return -ENOMEM;
    837 
    838         oparms = (struct cifs_open_parms) {
    839                 .tcon = tcon,
    840                 .path = full_path,
    841                 .desired_access = FILE_READ_ATTRIBUTES,
    842                 .disposition = FILE_OPEN,
    843                 .create_options = cifs_create_options(cifs_sb, 0),
    844                 .fid = &fid,
    845         };
    846 
    847         rc = SMB2_open(xid, &oparms, utf16_path, &oplock, NULL, NULL,
    848                        &err_iov, &err_buftype);
    849         if (rc) {
    850                 struct smb2_hdr *hdr = err_iov.iov_base;
    851 
    852                 if (unlikely(!hdr || err_buftype == CIFS_NO_BUFFER))
    853                         goto out;
    854 
    855                 if (rc != -EREMOTE && hdr->Status == STATUS_OBJECT_NAME_INVALID) {
    856                         rc2 = cifs_inval_name_dfs_link_error(xid, tcon, cifs_sb,
    857                                                              full_path, &islink);
    858                         if (rc2) {
    859                                 rc = rc2;
    860                                 goto out;
    861                         }
    862                         if (islink)
    863                                 rc = -EREMOTE;
    864                 }
--> 865                 if (rc == -EREMOTE && IS_ENABLED(CONFIG_CIFS_DFS_UPCALL) && cifs_sb &&
                                                                                    ^^^^^^^
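No point in checking cifs_sb for NULL here, after the dereference on line 834.  If it could be NULL, line 834 would already have crashed, so either this check is dead code or a check is needed before line 834.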

    866                     (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_NO_DFS))
    867                         rc = -EOPNOTSUPP;
    868                 goto out;
    869         }
    870 
    871         rc = SMB2_close(xid, tcon, fid.persistent_fid, fid.volatile_fid);
    872 
    873 out:
    874         free_rsp_buf(err_buftype, err_iov.iov_base);
    875         kfree(utf16_path);
    876         return rc;
    877 }

regards,
dan carpenter


