Patch "btrfs: avoid null pointer dereference on fs_info when calling btrfs_crit" has been added to the 4.14-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Mon, 18 Dec 2017 13:55:41 +0100

This is a note to let you know that I've just added the patch titled

    btrfs: avoid null pointer dereference on fs_info when calling btrfs_crit

to the 4.14-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     btrfs-avoid-null-pointer-dereference-on-fs_info-when-calling-btrfs_crit.patch
and it can be found in the queue-4.14 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From foo@baz Mon Dec 18 13:28:59 CET 2017
From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
Date: Mon, 11 Sep 2017 16:15:28 +0100
Subject: btrfs: avoid null pointer dereference on fs_info when calling btrfs_crit

From: Colin Ian King <colin.king@xxxxxxxxxxxxx>


[ Upstream commit 3993b112dac968612b0b213ed59cb30f50b0015b ]

There are checks on fs_info in __btrfs_panic to avoid dereferencing a
null fs_info, however, there is a call to btrfs_crit that may also
dereference a null fs_info. Fix this by adding a check to see if fs_info
is null and only print the s_id if fs_info is non-null.

Detected by CoverityScan CID#401973 ("Dereference after null check")

Fixes: efe120a067c8 ("Btrfs: convert printk to btrfs_ and fix BTRFS prefix")
Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
Reviewed-by: David Sterba <dsterba@xxxxxxxx>
Signed-off-by: David Sterba <dsterba@xxxxxxxx>
Signed-off-by: Sasha Levin <alexander.levin@xxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 fs/btrfs/super.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- a/fs/btrfs/super.c
+++ b/fs/btrfs/super.c
@@ -202,7 +202,6 @@ static struct ratelimit_state printk_lim
 
 void btrfs_printk(const struct btrfs_fs_info *fs_info, const char *fmt, ...)
 {
-	struct super_block *sb = fs_info->sb;
 	char lvl[PRINTK_MAX_SINGLE_HEADER_LEN + 1] = "\0";
 	struct va_format vaf;
 	va_list args;
@@ -228,7 +227,8 @@ void btrfs_printk(const struct btrfs_fs_
 	vaf.va = &args;
 
 	if (__ratelimit(ratelimit))
-		printk("%sBTRFS %s (device %s): %pV\n", lvl, type, sb->s_id, &vaf);
+		printk("%sBTRFS %s (device %s): %pV\n", lvl, type,
+			fs_info ? fs_info->sb->s_id : "<unknown>", &vaf);
 
 	va_end(args);
 }


Patches currently in stable-queue which might be from colin.king@xxxxxxxxxxxxx are

queue-4.14/btrfs-avoid-null-pointer-dereference-on-fs_info-when-calling-btrfs_crit.patch
queue-4.14/ipmi_si-fix-memory-leak-on-new_smi.patch






