https://bugzilla.kernel.org/show_bug.cgi?id=200925

Bug ID: 200925
Summary: null pointer dereference in xfs_dir_isempty()
Product: File System
Version: 2.5
Kernel Version: 4.18
Hardware: All
OS: Linux
Tree: Mainline
Status: NEW
Severity: normal
Priority: P1
Component: XFS
Assignee: filesystem_xfs@xxxxxxxxxxxxxxxxxxxxxx
Reporter: wen.xu@xxxxxxxxxx
Regression: No

Created attachment 278069
  --> https://bugzilla.kernel.org/attachment.cgi?id=278069&action=edit
poc.c

- Reproduce
# mkdir mnt
# mount -t xfs 79.img mnt
# gcc 79.c
# ./a.out ./mnt

- Kernel message
Check attachment: 79.log

- Reason
https://elixir.bootlin.com/linux/latest/source/fs/xfs/libxfs/xfs_dir2.c#L185

    sfp = (xfs_dir2_sf_hdr_t *)dp->i_df.if_u1.if_data;
    return !sfp->count;

Missing checks on sfp.

Reported by Wen Xu (wen.xu@xxxxxxxxxx) from SSLab.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
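
Added example, not part of the original report and not the kernel's code or its fix: a userspace model of the two lines quoted under "Reason", showing the unchecked dereference beside a variant that validates the short-form data before reading count. The struct layouts, the size tests, the field names other than if_data and count, and the error constant are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_EFSCORRUPTED 117 /* constructed error code for "metadata corrupt" */

/* Hypothetical stand-in for the short-form directory header. */
struct sf_hdr { uint8_t count; uint8_t i8count; uint8_t parent[4]; };

/* Hypothetical stand-in for the in-core inode fields involved. */
struct model_inode {
    uint64_t di_size;    /* directory size recorded on disk */
    uint64_t fork_dsize; /* room available for inline (short-form) data */
    size_t   if_bytes;   /* bytes actually loaded into the data fork */
    void    *if_data;    /* inline data; NULL when nothing was loaded */
};

/* Pattern from the report: if_data is dereferenced without any check. */
int isempty_unchecked(const struct model_inode *dp)
{
    const struct sf_hdr *sfp = dp->if_data;
    return !sfp->count;
}

/* Returns 1 if empty, 0 if not, negative if the fork is inconsistent. */
int isempty_checked(const struct model_inode *dp)
{
    const struct sf_hdr *sfp;

    if (dp->di_size == 0)
        return 1;
    if (dp->di_size > dp->fork_dsize)
        return 0; /* too large to be short-form, so it has entries */
    sfp = dp->if_data;
    /* A crafted image can claim a short-form size with no inline data. */
    if (sfp == NULL || dp->if_bytes < sizeof(*sfp))
        return -MODEL_EFSCORRUPTED;
    return !sfp->count;
}

int main(void)
{
    /* Constructed inconsistent inode: nonzero size, no inline data. */
    struct model_inode bad = { 6, 64, 0, NULL };
    printf("checked result: %d\n", isempty_checked(&bad));
    return 0;
}
```

Calling isempty_unchecked() on the same constructed inode would dereference NULL, which is the crash the report describes.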