[PATCH] fs/ntfs3: fix null pointer dereference in d_flags_for_inode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

ntfs_read_mft may return inode with null i_op, cause null pointer dereference in d_flags_for_inode (inode->i_op->get_link).
Reproduce:
 - sudo mount -t ntfs3 -o loop ntfs.img ntfs
 - ls ntfs/'$Extend/$Quota'

The call trace is shown below (striped):
 BUG: kernel NULL pointer dereference, address: 0000000000000008
 CPU: 0 PID: 577 Comm: ls Tainted: G           OE     5.16.0-0.bpo.4-amd64 #1  Debian 5.16.12-1~bpo11+1
 RIP: 0010:d_flags_for_inode+0x65/0x90
 Call Trace:
 ntfs_lookup
 +--- dir_search_u
 |    +--- ntfs_iget5
 |         +--- ntfs_read_mft
 +--- d_splice_alias
      +--- __d_add
           +--- d_flags_for_inode

Signed-off-by: Liangbin Lian <jjm2473@xxxxxxxxx>
---
 fs/ntfs3/inode.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/fs/ntfs3/inode.c b/fs/ntfs3/inode.c
index 9eab11e3b..b68d26fa8 100644
--- a/fs/ntfs3/inode.c
+++ b/fs/ntfs3/inode.c
@@ -45,7 +45,6 @@ static struct inode *ntfs_read_mft(struct inode *inode,
 	struct MFT_REC *rec;
 	struct runs_tree *run;
 
-	inode->i_op = NULL;
 	/* Setup 'uid' and 'gid' */
 	inode->i_uid = sbi->options->fs_uid;
 	inode->i_gid = sbi->options->fs_gid;
-- 
2.32.0 (Apple Git-132)
[Index of Archives]     [Linux Driver Backports]     [DMA Engine]     [Linux GPIO]     [Linux SPI]     [Video for Linux]     [Linux USB Devel]     [Linux Coverity]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Yosemite Backpacking]
  Powered by Linux