On 9/3/15 5:45 AM, Brian Foster wrote: > On Thu, Sep 03, 2015 at 10:57:40AM +0100, Colin King wrote: >> From: Colin Ian King <colin.king@xxxxxxxxxxxxx> >> >> xfs_vm_set_page_dirty checks to see if mapping is NULL however >> before this unlikely check it already dereferenced mapping when >> initializing inode. Move the inode initialization after the mapping >> null check to avoid a potential null pointer dereference. >> >> Fixes: 22e757a49cf0 ("xfs: don't dirty buffers beyond EOF") >> Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx> >> --- > > Reviewed-by: Brian Foster <bfoster@xxxxxxxxxx> Reviewed-by: Eric Sandeen <sandeen@xxxxxxxxxx> Should probably cc: stable on this one too, the commit it fixes went in at 3.17, and it also cc'd stable. -Eric >> fs/xfs/xfs_aops.c | 3 ++- >> 1 file changed, 2 insertions(+), 1 deletion(-) >> >> diff --git a/fs/xfs/xfs_aops.c b/fs/xfs/xfs_aops.c >> index c77499b..d15ae85 100644 >> --- a/fs/xfs/xfs_aops.c >> +++ b/fs/xfs/xfs_aops.c >> @@ -1935,7 +1935,7 @@ xfs_vm_set_page_dirty( >> struct page *page) >> { >> struct address_space *mapping = page->mapping; >> - struct inode *inode = mapping->host; >> + struct inode *inode; >> loff_t end_offset; >> loff_t offset; >> int newly_dirty; >> @@ -1944,6 +1944,7 @@ xfs_vm_set_page_dirty( >> if (unlikely(!mapping)) >> return !TestSetPageDirty(page); >> >> + inode = mapping->host; >> end_offset = i_size_read(inode); >> offset = page_offset(page); >> >> -- >> 2.5.0 >> >> _______________________________________________ >> xfs mailing list >> xfs@xxxxxxxxxxx >> http://oss.sgi.com/mailman/listinfo/xfs
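Review bot: The changelog for the second hunk (@@ -1944,6 +1944,7 @@) does not say whether a NULL `page->mapping` is actually reachable on this path or whether the ordering problem was found by static analysis. Placing `inode = mapping->host;` after the `if (unlikely(!mapping))` return is the correct order, but one sentence on reachability would help whoever triages the backport. The message carries a `Fixes:` tag for 22e757a49cf0 and no stable tag; as noted in the reply, the fixed commit was itself cc'd to stable, so a `Cc: stable` line belongs next to the `Fixes:` line.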
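Review bot: In the first hunk (@@ -1935,7 +1935,7 @@), `struct inode *inode;` is now left uninitialized across the early-return path, so the local exists only to feed `i_size_read(inode)` a few lines later. If nothing further down in the function uses `inode` (the rest of the body is not visible in this diff), consider dropping the variable and writing `end_offset = i_size_read(mapping->host);` directly after the NULL check. That keeps the dereference visibly tied to the check and removes the chance of a later edit reading `inode` before it is assigned.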