On Tue, Nov 16, 2021 at 05:21:34PM +0200, Amir Goldstein wrote:
> On Tue, Nov 16, 2021 at 1:45 PM Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
> >
> > Hello Amir Goldstein,
> >
> > The patch cacfb956d46e: "fanotify: record name info for
> > FAN_DIR_MODIFY event" from Mar 19, 2020, leads to the following
> > Smatch static checker warning:
> >
> > fs/notify/fanotify/fanotify_user.c:401 copy_fid_info_to_user()
> > error: we previously assumed 'fh' could be null (see line 362)
> >
> > fs/notify/fanotify/fanotify_user.c
> > 354 static int copy_fid_info_to_user(__kernel_fsid_t *fsid, struct fanotify_fh *fh,
> > 355 int info_type, const char *name,
> > 356 size_t name_len,
> > 357 char __user *buf, size_t count)
> > 358 {
> > 359 struct fanotify_event_info_fid info = { };
> > 360 struct file_handle handle = { };
> > 361 unsigned char bounce[FANOTIFY_INLINE_FH_LEN], *fh_buf;
> > 362 size_t fh_len = fh ? fh->len : 0;
> > ^^^^^^^^^^^^^
> > The patch adds a check for in "fh" is NULL
> >
> > 363 size_t info_len = fanotify_fid_info_len(fh_len, name_len);
> > 364 size_t len = info_len;
> > 365
> > 366 pr_debug("%s: fh_len=%zu name_len=%zu, info_len=%zu, count=%zu\n",
> > 367 __func__, fh_len, name_len, info_len, count);
> > 368
>
> Upstream has these two lines:
> if (!fh_len)
> return 0;
>
> Which diffuses the reported bug.
> Where did those lines go?
I'm not sure, I suspected this might be a merge issue.
regards,
dan carpenter
