Re: [bug report] fanotify: record name info for FAN_DIR_MODIFY event

On Tue, Nov 16, 2021 at 8:02 PM Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
>
> On Tue, Nov 16, 2021 at 08:57:09PM +0300, Dan Carpenter wrote:
> > On Tue, Nov 16, 2021 at 05:21:34PM +0200, Amir Goldstein wrote:
> > > On Tue, Nov 16, 2021 at 1:45 PM Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote:
> > > >
> > > > Hello Amir Goldstein,
> > > >
> > > > The patch cacfb956d46e: "fanotify: record name info for
> > > > FAN_DIR_MODIFY event" from Mar 19, 2020, leads to the following
> > > > Smatch static checker warning:
> > > >
> > > >         fs/notify/fanotify/fanotify_user.c:401 copy_fid_info_to_user()
> > > >         error: we previously assumed 'fh' could be null (see line 362)
> > > >
> > > > fs/notify/fanotify/fanotify_user.c
> > > >     354 static int copy_fid_info_to_user(__kernel_fsid_t *fsid, struct fanotify_fh *fh,
> > > >     355                                  int info_type, const char *name,
> > > >     356                                  size_t name_len,
> > > >     357                                  char __user *buf, size_t count)
> > > >     358 {
> > > >     359         struct fanotify_event_info_fid info = { };
> > > >     360         struct file_handle handle = { };
> > > >     361         unsigned char bounce[FANOTIFY_INLINE_FH_LEN], *fh_buf;
> > > >     362         size_t fh_len = fh ? fh->len : 0;
> > > >                                 ^^^^^^^^^^^^^
> > > > The patch adds a check for if "fh" is NULL
> > > >
> > > >     363         size_t info_len = fanotify_fid_info_len(fh_len, name_len);
> > > >     364         size_t len = info_len;
> > > >     365
> > > >     366         pr_debug("%s: fh_len=%zu name_len=%zu, info_len=%zu, count=%zu\n",
> > > >     367                  __func__, fh_len, name_len, info_len, count);
> > > >     368
> > >
> > > Upstream has these two lines:
> > >        if (!fh_len)
> > >                 return 0;
> > >
> > > Which defuses the reported bug.
> > > Where did those lines go?
> >
> > I'm not sure, I suspected this might be a merge issue.
>
> Oh, duh.  I'm using linux-next.  Probably that's relevant information.
>

I may be missing something, but I don't see any diff between
linus and linux-next in that file and I don't know any version of that
file in history where this check or another version of it is missing???

Thanks,
Amir.


