On Sat, Jan 14, 2023 at 09:54:41AM +0800, Jia-Ju Bai wrote:
> In a previous commit 2681631c2973, the parameter ni of
> attr_load_runs_vcn() can be NULL, and thus a NULL check is added.
>
> However, in the same call stack, this variable is also dereferenced in
> mi_read():
>
> mi_read()
> ni_lock(mft_ni);
> attr_load_runs_vcn(mft_ni)
> if (ni) -> Add a check by previous commit (ni is mft_ni)
> ni_unlock(mft_ni);
>
> Thus, to avoid possible null-pointer dereferences, mft_ni should be
> also checked in mi_read().
>
> These results are reported by a static tool designed by myself
No, it should not. ni_lock(mft_ni) is called only if rw_lock
is not NULL. The only assignment of non-NULL to that variable is
here:
if (is_mounted(sbi)) {
if (!is_mft) {
rw_lock = &mft_ni->file.run_lock;
down_read(rw_lock);
}
}
Note that it would have already oopsed had mft_ni been NULL.
The logics might or might not be wrong there, but could we please
stop obfuscating it by checks piled higher and deeper just in case?
Incidentally, I hope the pattern that triggered here is not
f() checks for its argument being NULL, one of the callers of f() passes it a pointer
therefore that pointer might be NULL
for obvious reasons...
