In a previous commit 2681631c2973, the parameter ni of attr_load_runs_vcn() can be NULL, and thus a NULL check is added. However, in the same call stack, this variable is also dereferenced in mi_read(): mi_read() ni_lock(mft_ni); attr_load_runs_vcn(mft_ni) if (ni) -> Add a check by previous commit (ni is mft_ni) ni_unlock(mft_ni); Thus, to avoid possible null-pointer dereferences, mft_ni should be also checked in mi_read(). These results are reported by a static tool designed by myself Signed-off-by: Jia-Ju Bai <baijiaju1990@xxxxxxxxx> Reported-by: TOTE Robot <oslab@xxxxxxxxxxxxxxx> --- fs/ntfs3/record.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/ntfs3/record.c b/fs/ntfs3/record.c index defce6a5c8e1..9c5f922543c2 100644 --- a/fs/ntfs3/record.c +++ b/fs/ntfs3/record.c @@ -144,13 +144,13 @@ int mi_read(struct mft_inode *mi, bool is_mft) if (err != -ENOENT) goto out; - if (rw_lock) { + if (rw_lock && mft_ni) { ni_lock(mft_ni); down_write(rw_lock); } err = attr_load_runs_vcn(mft_ni, ATTR_DATA, NULL, 0, &mft_ni->file.run, vbo >> sbi->cluster_bits); - if (rw_lock) { + if (rw_lock && mft_ni) { up_write(rw_lock); ni_unlock(mft_ni); } -- 2.34.1
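Review bot: in the mi_read() hunk, the call that sits between the two guarded blocks still passes `&mft_ni->file.run` to attr_load_runs_vcn() with no mft_ni check, so the NULL case described in the commit message still reaches that expression; only ni_lock() and ni_unlock() are protected. The new condition `if (rw_lock && mft_ni)` also skips down_write(rw_lock) and up_write(rw_lock) whenever mft_ni is NULL, so in that case the runs are loaded without the lock that the old code always took when rw_lock was set. If mft_ni can really be NULL at this point, test it once before the locking (for example, `goto out` with an error) rather than guarding each side of the call. If it cannot be NULL, the commit message should say which path the static tool believes produces a NULL mft_ni, since the quoted call stack shows only that the callee checks for it.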