On Tue, Feb 13, 2024 at 12:48:56AM +0100, Jan Kara wrote:
> On Mon 12-02-24 10:47:28, Kees Cook wrote:
> > On Fri, Feb 09, 2024 at 12:22:50PM +0100, Jan Kara wrote:
> > > [...]
> > > @@ -613,15 +658,17 @@ static loff_t find_block_dqentry(struct qtree_mem_dqinfo *info,
> > >
> > > /* Find entry for given id in the tree */
> > > static loff_t find_tree_dqentry(struct qtree_mem_dqinfo *info,
> > > - struct dquot *dquot, uint blk, int depth)
> > > + struct dquot *dquot, uint *blks, int depth)
> > > {
> > > char *buf = kmalloc(info->dqi_usable_bs, GFP_NOFS);
> > > loff_t ret = 0;
> > > __le32 *ref = (__le32 *)buf;
> > > + uint blk;
> > > + int i;
> > >
> > > if (!buf)
> > > return -ENOMEM;
> > > - ret = read_blk(info, blk, buf);
> > > + ret = read_blk(info, blks[depth], buf);
> > > if (ret < 0) {
> > > quota_error(dquot->dq_sb, "Can't read quota tree block %u",
> > > blk);
> > ^^^
> > Coverity noticed this is used uninitialized. It should be "blks[depth]"
> > now, I think.
>
> Yup, already pushed fix to my tree as 0-day notified me as well :) But
> thanks for noticing!
Ah-ha! Thanks :)
--
Kees Cook
