[PATCH] fs: ntfs3: Add check for mft_ni in mi_read()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



In a previous commit 2681631c2973, the parameter ni of
attr_load_runs_vcn() can be NULL, and thus a NULL check is added.

However, in the same call stack, this variable is also dereferenced in
mi_read():

mi_read()
  ni_lock(mft_ni);
    attr_load_runs_vcn(mft_ni)
      if (ni) -> Add a check by previous commit (ni is mft_ni)
  ni_unlock(mft_ni);

Thus, to avoid possible null-pointer dereferences, mft_ni should be
also checked in mi_read().

These results are reported by a static tool designed by myself

Signed-off-by: Jia-Ju Bai <baijiaju1990@xxxxxxxxx>
Reported-by: TOTE Robot <oslab@xxxxxxxxxxxxxxx>
---
 fs/ntfs3/record.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/ntfs3/record.c b/fs/ntfs3/record.c
index defce6a5c8e1..9c5f922543c2 100644
--- a/fs/ntfs3/record.c
+++ b/fs/ntfs3/record.c
@@ -144,13 +144,13 @@ int mi_read(struct mft_inode *mi, bool is_mft)
 	if (err != -ENOENT)
 		goto out;
 
-	if (rw_lock) {
+	if (rw_lock && mft_ni) {
 		ni_lock(mft_ni);
 		down_write(rw_lock);
 	}
 	err = attr_load_runs_vcn(mft_ni, ATTR_DATA, NULL, 0, &mft_ni->file.run,
 				 vbo >> sbi->cluster_bits);
-	if (rw_lock) {
+	if (rw_lock && mft_ni) {
 		up_write(rw_lock);
 		ni_unlock(mft_ni);
 	}
-- 
2.34.1





[Index of Archives]     [Linux Driver Backports]     [DMA Engine]     [Linux GPIO]     [Linux SPI]     [Video for Linux]     [Linux USB Devel]     [Linux Coverity]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Yosemite Backpacking]
  Powered by Linux