2021-02-02 21:40:01

by Jeff Layton

[permalink] [raw]
Subject: [PATCH] ceph: fix an oops in error handling in ceph_netfs_issue_op

Dan reported a potential oops in the cleanup if ceph_osdc_new_request
returns an error. Eliminate the unneeded initialization of "req" and
then just set it to NULL in the case where it holds an ERR_PTR.

Also, drop the unneeded NULL check before calling
ceph_osdc_put_request.

Fixes: 1cf7fdf52d5a ("ceph: convert readpage to fscache read helper")
Reported-by: Dan Carpenter <[email protected]>
Suggested-by: Ilya Dryomov <[email protected]>
Signed-off-by: Jeff Layton <[email protected]>
---
fs/ceph/addr.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/fs/ceph/addr.c b/fs/ceph/addr.c
index 5eec6f66fe52..0dd64d31eff6 100644
--- a/fs/ceph/addr.c
+++ b/fs/ceph/addr.c
@@ -234,7 +234,7 @@ static void ceph_netfs_issue_op(struct netfs_read_subrequest *subreq)
struct inode *inode = rreq->mapping->host;
struct ceph_inode_info *ci = ceph_inode(inode);
struct ceph_fs_client *fsc = ceph_inode_to_client(inode);
- struct ceph_osd_request *req = NULL;
+ struct ceph_osd_request *req;
struct ceph_vino vino = ceph_vino(inode);
struct iov_iter iter;
struct page **pages;
@@ -248,6 +248,7 @@ static void ceph_netfs_issue_op(struct netfs_read_subrequest *subreq)
NULL, ci->i_truncate_seq, ci->i_truncate_size, false);
if (IS_ERR(req)) {
err = PTR_ERR(req);
+ req = NULL;
goto out;
}

@@ -273,8 +274,7 @@ static void ceph_netfs_issue_op(struct netfs_read_subrequest *subreq)
if (err)
iput(inode);
out:
- if (req)
- ceph_osdc_put_request(req);
+ ceph_osdc_put_request(req);
if (err)
netfs_subreq_terminated(subreq, err);
dout("%s: result %d\n", __func__, err);
--
2.29.2


2021-02-02 22:26:07

by Dan Carpenter

[permalink] [raw]
Subject: Re: [PATCH] ceph: fix an oops in error handling in ceph_netfs_issue_op

On Tue, Feb 02, 2021 at 08:10:41AM -0500, Jeff Layton wrote:
> Dan reported a potential oops in the cleanup if ceph_osdc_new_request
> returns an error. Eliminate the unneeded initialization of "req" and
> then just set it to NULL in the case where it holds an ERR_PTR.
>
> Also, drop the unneeded NULL check before calling
> ceph_osdc_put_request.
>
> Fixes: 1cf7fdf52d5a ("ceph: convert readpage to fscache read helper")
> Reported-by: Dan Carpenter <[email protected]>
> Suggested-by: Ilya Dryomov <[email protected]>
> Signed-off-by: Jeff Layton <[email protected]>


Looks good.

Acked-by: Dan Carpenter <[email protected]>

regards,
dan carpenter