This reverts commit f2538f999345405f7d2e1194c0c8efa4e11f7b3a.
Looks like NULL this is never dereferenced in reality because the function
returns earlier with "return no_overlapping_node(...)".
That's how mounting of a fully normal JFFS2 as rootfs looks like after the
patch:
Run /sbin/init as init process
jffs2: error: (1) jffs2_build_inode_fragtree: Add node to tree failed -22
jffs2: error: (1) jffs2_do_read_inode_internal: Failed to build final fragtree for inode #14: error -22
jffs2: iget() failed for ino #14
jffs2: error: (36) jffs2_build_inode_fragtree: Add node to tree failed -22
Starting init: /sbin/init exists but couldn't execute it (error -22)
Run /etc/init as init process
Run /bin/init as init process
jffs2: error: (1) jffs2_build_inode_fragtree: Add node to tree failed -22
jffs2: error: (1) jffs2_do_read_inode_internal: Failed to build final fragtree for inode #2: error -22
jffs2: iget() failed for ino #2
Starting init: /bin/init exists but couldn't execute it (error -22)
Run /bin/sh as init process
jffs2: error: (1) jffs2_build_inode_fragtree: Add node to tree failed -22
jffs2: error: (1) jffs2_do_read_inode_internal: Failed to build final fragtree for inode #2: error -22
jffs2: iget() failed for ino #2
Starting init: /bin/sh exists but couldn't execute it (error -22)
jffs2: error: (36) jffs2_do_read_inode_internal: Failed to build final fragtree for inode #128: error -22
Kernel panic - not syncing: No working init found. Try passing init= option to kernel. See Linux Documentation/admin-guide/init.rst for guidance.
Fixes: f2538f99934 ("jffs2: Fix possible null-pointer dereferences in jffs2_add_frag_to_fragtree()")
Signed-off-by: Alexander Sverdlin <alexander.sverdlin@xxxxxxxxx>
---
fs/jffs2/nodelist.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/jffs2/nodelist.c b/fs/jffs2/nodelist.c
index 021a4a2190ee..b86c78d178c6 100644
--- a/fs/jffs2/nodelist.c
+++ b/fs/jffs2/nodelist.c
@@ -226,7 +226,7 @@ static int jffs2_add_frag_to_fragtree(struct jffs2_sb_info *c, struct rb_root *r
lastend = this->ofs + this->size;
} else {
dbg_fragtree2("lookup gave no frag\n");
- return -EINVAL;
+ lastend = 0;
}
/* See if we ran off the end of the fragtree */
--
2.23.0
______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/
[PATCH] Revert "jffs2: Fix possible null-pointer dereferences in jffs2_add_frag_to_fragtree()"
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: [PATCH] Revert "jffs2: Fix possible null-pointer dereferences in jffs2_add_frag_to_fragtree()"
- From: Alexander Sverdlin <alexander.sverdlin@xxxxxxxxx>
- Date: Sat, 19 Oct 2019 17:55:56 +0200
- Cc: David Woodhouse <dwmw2@xxxxxxxxxxxxx>, Jia-Ju Bai <baijiaju1990@xxxxxxxxx>, Alexander Sverdlin <alexander.sverdlin@xxxxxxxxx>, Richard Weinberger <richard@xxxxxx>
- Follow-Ups:
- Re: [PATCH] Revert "jffs2: Fix possible null-pointer dereferences in jffs2_add_frag_to_fragtree()"
- From: Richard Weinberger
- Re: [PATCH] Revert "jffs2: Fix possible null-pointer dereferences in jffs2_add_frag_to_fragtree()"
- Prev by Date: Re: [PATCH] MAINTAINERS: mtd/ubi/ubifs: Remove inactive maintainers
- Next by Date: Re: [PATCH] Revert "jffs2: Fix possible null-pointer dereferences in jffs2_add_frag_to_fragtree()"
- Previous by thread: [PATCH] mtd: rawnand: brcmnand: Fix sparse warning in has_flash_dma()
- Next by thread: Re: [PATCH] Revert "jffs2: Fix possible null-pointer dereferences in jffs2_add_frag_to_fragtree()"
- Index(es):
 |