Received: by 2002:a25:ad19:0:0:0:0:0 with SMTP id y25csp387053ybi;
        Fri, 26 Jul 2019 11:24:54 -0700 (PDT)
X-Google-Smtp-Source: APXvYqz+6bGQAeHb9K3omqc1t/bcM9vu8Qkh5oqhTuXmrqpGBKvleu0btOqbAeyfGcYKyLxlfP/X
X-Received: by 2002:a17:90a:a613:: with SMTP id c19mr101497590pjq.17.1564165494265;
        Fri, 26 Jul 2019 11:24:54 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1564165494; cv=none;
        d=google.com; s=arc-20160816;
        b=hE4KETfVD32YbR8BfpP2dyUOmTAnyFP5ggSmFlPc/AUAHaBuKjfWdjvfLHic/+q+tE
         V0pygiAz619+T4goz1srVC/AQ5WGB+gsIlhF0T1zV72SzO/rLH3yV08KeixfboQ2kSDB
         jdOkZpykCWegZ2/Sl7R/B7C/5CS3D3r3WzX9YuSaNYOaPlWqNtdRRgzaR+/EAlL01Ti8
         bwB+KR4VRDWi/1PTiEOYYmurUDxJJH78IQ7S7bEWahQ1Fv59+W52h55+qyne+L1yTUng
         w9kKelHoss9A8tSyO7hTJn/sf/MCZCC6otkbga95kDn0Hs7qS6Rv5ICxlSLbsMZsFJqP
         hZNg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-transfer-encoding:content-disposition:mime-version
         :references:mail-followup-to:reply-to:message-id:subject:cc:to:from
         :date;
        bh=cX+Pbra1hgMVBciqml4UgeKdbOp6k7YTHIkuxMKVkgk=;
        b=j/keeHphoKIiIpdA4flLz9Ox+m8w3Q1sStXwP3ccWyFMMAYBUKej6xfkXsJFFWlNPE
         V9jeauWQSIu6EbAnP6FGCkP1PYZlmwUqwNSkffdF0eAHle3eJbbRA/6bkDfbIusySzXZ
         BS41dlIEx0rUfFN9hGG1SHcvBF0oKgyrVWxUacuFNjAej/ARK9exBjDFviZXCrmy1NUl
         D3WCzz2kAjQY6M8TuUMWvMRb2FOoxnH840XjYdD3u0hc+JQuicG0i+6FpfSh652N3Bps
         Z4RqVfu0G8oKfH0zWSFCux4iEsK/FIDaf8/WGa/DlRWOuBneo+pEzf/ZNS7ETf/Zx9tf
         xD6g==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id i36si18313360plb.365.2019.07.26.11.24.39;
        Fri, 26 Jul 2019 11:24:54 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2387706AbfGZPFh (ORCPT <rfc822;schlichte.alexander@gmail.com>
        + 99 others); Fri, 26 Jul 2019 11:05:37 -0400
Received: from mx2.suse.de ([195.135.220.15]:54518 "EHLO mx1.suse.de"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1727287AbfGZPFg (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 26 Jul 2019 11:05:36 -0400
X-Virus-Scanned: by amavisd-new at test-mx.suse.de
Received: from relay2.suse.de (unknown [195.135.220.254])
        by mx1.suse.de (Postfix) with ESMTP id B3D96ADF1;
        Fri, 26 Jul 2019 15:05:34 +0000 (UTC)
Received: by ds.suse.cz (Postfix, from userid 10065)
        id 85BAADA811; Fri, 26 Jul 2019 17:06:10 +0200 (CEST)
Date:   Fri, 26 Jul 2019 17:06:09 +0200
From:   David Sterba <dsterba@suse.cz>
To:     Qu Wenruo <quwenruo.btrfs@gmx.com>
Cc:     Jia-Ju Bai <baijiaju1990@gmail.com>, clm@fb.com,
        josef@toxicpanda.com, dsterba@suse.com,
        linux-btrfs@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] fs: btrfs: Fix a possible null-pointer dereference in
 insert_inline_extent()
Message-ID: <20190726150609.GE2868@twin.jikos.cz>
Reply-To: dsterba@suse.cz
Mail-Followup-To: dsterba@suse.cz, Qu Wenruo <quwenruo.btrfs@gmx.com>,
        Jia-Ju Bai <baijiaju1990@gmail.com>, clm@fb.com,
        josef@toxicpanda.com, dsterba@suse.com, linux-btrfs@vger.kernel.org,
        linux-kernel@vger.kernel.org
References: <20190724021132.27378-1-baijiaju1990@gmail.com>
 <df4b5d21-0983-3ca2-44de-ea9f1616df7f@gmx.com>
 <800ae777-928f-2969-d4dd-6f358a039e48@gmail.com>
 <1b708c0d-8ea1-3898-0340-9cbce1fc2602@gmx.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <1b708c0d-8ea1-3898-0340-9cbce1fc2602@gmx.com>
User-Agent: Mutt/1.5.23.1 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Jul 24, 2019 at 10:57:24AM +0800, Qu Wenruo wrote:
> On 2019/7/24 上午10:33, Jia-Ju Bai wrote:
> > On 2019/7/24 10:21, Qu Wenruo wrote:
> >> On 2019/7/24 上午10:11, Jia-Ju Bai wrote:
> >>> In insert_inline_extent(), there is an if statement on line 181 to check
> >>> whether compressed_pages is NULL:
> >>>      if (compressed_size && compressed_pages)
> >>>
> >>> When compressed_pages is NULL, compressed_pages is used on line 215:
> >>>      cpage = compressed_pages[i];
> >>>
> >>> Thus, a possible null-pointer dereference may occur.
> >>>
> >>> To fix this possible bug, compressed_pages is checked on line 214.
> >> This can only be hit with compressed_size > 0 and compressed_pages !=
> >> NULL.
> >>
> >> It would be better to have an extra ASSERT() to warn developers about
> >> the impossible case.
> > 
> > Thanks for the reply :)
> > So I should add ASSERT(compressed_size > 0 & compressed_pages) at the
> > beginning of the function, and remove "if (compressed_size &&
> > compressed_pages)"?
> 
> My suggestion is, ASSERT((compressed_size >0 && compressed_pages) ||
> (compressed_size == 0 && !compressed_pages))
> 
> And keeps the original checks.
> 
> Anyway, just a suggestion.

Agreed, the assertion would be good, covering both cases in one
statement at the beginning of the function.