LinuxLists.cc - [PATCH] orangefs: Fix possible NULL deference in orangefs

2024-02-22 10:38:21

Subject: [PATCH] orangefs: Fix possible NULL deference in orangefs_mount

scripts/coccinelle/null/deref_null.cocci complains:
fs/orangefs/super.c:584:18-25: ERROR:
ORANGEFS_SB ( sb ) is NULL but dereferenced.

When memory allocation for orangefs_sb_info_s fails, ORANGEFS_SB(sb)
is NULL and ORANGEFS_SB(sb)->no_list will result in NULL deference.
Add a judgement to fix this NULL deference problem.

Fixes: ac2c63757f4f ("orangefs: Fix sb refcount leak when allocate sb info failed.")
Signed-off-by: Su Hui <[email protected]>
---
fs/orangefs/super.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fs/orangefs/super.c b/fs/orangefs/super.c
index 5254256a224d..c056c86e2482 100644
--- a/fs/orangefs/super.c
+++ b/fs/orangefs/super.c
@@ -581,7 +581,8 @@ struct dentry *orangefs_mount(struct file_system_type *fst,

free_sb_and_op:
/* Will call orangefs_kill_sb with sb not in list. */
- ORANGEFS_SB(sb)->no_list = 1;
+ if (ORANGEFS_SB(sb))
+ ORANGEFS_SB(sb)->no_list = 1;
/* ORANGEFS_VFS_OP_FS_UMOUNT is done by orangefs_kill_sb. */
deactivate_locked_super(sb);
free_op:
--
2.30.2

2024-02-22 10:46:28

by Dan Carpenter

[permalink] [raw]

Subject: Re: [PATCH] orangefs: Fix possible NULL deference in orangefs_mount

This was already fixed in commit:
9bf93dcfc453 ("Julia Lawall reported this null pointer dereference, this
should fix it.")

Amusing subject... :P

regards,
dan carpenter

2024-02-23 02:11:50

by Su Hui

[permalink] [raw]

Subject: Re: [PATCH] orangefs: Fix possible NULL deference in orangefs_mount

On 2024/2/22 18:45, Dan Carpenter wrote:

> This was already fixed in commit:
> 9bf93dcfc453 ("Julia Lawall reported this null pointer dereference, this
> should fix it.")
>
> Amusing subject... :P

Oh, really sorry for this. I forgot to check the linux-next git.

I'm not sure if commit 9bf93dcfc453 will lead to sb refcount leak which
was previously fixed
by ac2c63757f4f ("orangefs: Fix sb refcount leak when allocate sb info
failed.").

In any case, the null pointer problem has been solved.

Thanks for your reminder:)

Su Hui

2024-02-23 06:23:11

by Dan Carpenter

[permalink] [raw]

Subject: Re: [PATCH] orangefs: Fix possible NULL deference in orangefs_mount

On Fri, Feb 23, 2024 at 10:11:03AM +0800, Su Hui wrote:
> On 2024/2/22 18:45, Dan Carpenter wrote:
>
> > This was already fixed in commit:
> > 9bf93dcfc453 ("Julia Lawall reported this null pointer dereference, this
> > should fix it.")
> >
> > Amusing subject... :P
>
> Oh, really sorry for this. I forgot to check the linux-next git.
>
> I'm not sure if commit 9bf93dcfc453 will lead to sb refcount leak which was
> previously fixed
> by ac2c63757f4f ("orangefs: Fix sb refcount leak when allocate sb info
> failed.").
>

Yeah, you're right. Do you want to re-fix that?

regards,
dan carpenter