Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp776466ybc; Sat, 16 Nov 2019 08:29:49 -0800 (PST) X-Google-Smtp-Source: APXvYqz1xivBA0tde/HiuSKBP/0EGfLmoQ94unjSxZDwSTkkTo+mM+pQECtxNO8XqjzA0dqx0Grz X-Received: by 2002:a17:906:80d5:: with SMTP id a21mr10988544ejx.114.1573921789359; Sat, 16 Nov 2019 08:29:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1573921789; cv=none; d=google.com; s=arc-20160816; b=rZrqvVsY3NQ+qiJSfH/Xh6+y07mgdRg13PvtSlaeSj5moS2cecoTWAAtoqI1xTvjkg gTcncIfEtybt2CdbWIgLAu+2jPs/KIqtbBfCNfDnTD8qgSxpYRE7+w6kDo4Vnk6Tldpp vP4/UBEYpJWIHka8cYEZZ7P9JpNBRtcyWRDyoQqxDTo2dX98zliDMu0329hoA2CgzoQc nsvxqSFrkZ3mM9d4TO2MoQ4fAX3f0o2AAEY2lkYQzsb2FQud9on2eBVfZNSgNGTSsJ7C TUlEjkCav2ZZXYYr+tQd0K4dEVfT55YNm0d4MUR5MSPu/azPHYZKcJoOtwWt7gj0VU2k Solg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=uVYCAmNb4Ms/B3lgo4U7p8Ah70H9BRyE58V8IgO8JiY=; b=VHsaDTyMV7ZCEvJjRO4h8xFhydIsTTklAC0QY9E4uan9VdGkQ5gDR8jDxlVvqkw8Kz aRU2O8PhTIqFzONufF83N+3kLa6OOWOwrHEf8q99w8kDRcdCPoK+s+oo5/BUyIqOzmIY MVCU8OL6iUHiKOSlf5rj4HnWK3P174YP3baZom09oDHt0UIwzlPO/6NjxZSw0JUNPlun F+QxC1U1DGtm2nNfHrVXsN6Rw9FW8ii2eiKRBP/mMRd8TDJaAijepBIKHE0JDXaAG4Kv Ukpr7HmW1sz67t/iyPT/wLHJcNXo790WQPxTF1cQFwZaNSvjHqdauVDiCJoF+cfc2HsL d2Mw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=m9ItCvsS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i7si9346575eda.375.2019.11.16.08.29.24; Sat, 16 Nov 2019 08:29:49 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=m9ItCvsS; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729859AbfKPQ1E (ORCPT + 99 others); Sat, 16 Nov 2019 11:27:04 -0500 Received: from mail.kernel.org ([198.145.29.99]:44944 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727969AbfKPPll (ORCPT ); Sat, 16 Nov 2019 10:41:41 -0500 Received: from sasha-vm.mshome.net (unknown [50.234.116.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 609AE2081E; Sat, 16 Nov 2019 15:41:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1573918900; bh=rsnNf15HrUbaGOrIbi6wyozb9yMbdByNuffKHCgCcss=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=m9ItCvsSC2uJjajHlASRqYoi5HM99qCHZ6y+K2+rYf4dq+DxdMO+2QRNyjeQkHiuZ dOUT+5mQWyo0hbVLovnj63vTf9GV18Vq2FYNK4qSYPEsIVOHtFGwN+p86u4+nPxTBy 9GmQj1uoTxjaQssmABcI2JvGUFbuZBXQ1hGSB3A4= From: Sasha Levin To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Nikolay Borisov , Lu Fengqi , David Sterba , Sasha Levin , linux-btrfs@vger.kernel.org Subject: [PATCH AUTOSEL 4.19 029/237] btrfs: handle error of get_old_root Date: Sat, 16 Nov 2019 10:37:44 -0500 Message-Id: <20191116154113.7417-29-sashal@kernel.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20191116154113.7417-1-sashal@kernel.org> References: <20191116154113.7417-1-sashal@kernel.org> MIME-Version: 1.0 X-stable: review X-Patchwork-Hint: Ignore Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Nikolay Borisov [ Upstream commit 315bed43fea532650933e7bba316a7601d439edf ] In btrfs_search_old_slot get_old_root is always used with the assumption it cannot fail. However, this is not true in rare circumstance it can fail and return null. This will lead to null point dereference when the header is read. Fix this by checking the return value and properly handling NULL by setting ret to -EIO and returning gracefully. Coverity-id: 1087503 Signed-off-by: Nikolay Borisov Reviewed-by: Lu Fengqi Reviewed-by: David Sterba Signed-off-by: David Sterba Signed-off-by: Sasha Levin --- fs/btrfs/ctree.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 9fd383285f0ea..fc764f350f05a 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -3031,6 +3031,10 @@ int btrfs_search_old_slot(struct btrfs_root *root, const struct btrfs_key *key, again: b = get_old_root(root, time_seq); + if (!b) { + ret = -EIO; + goto done; + } level = btrfs_header_level(b); p->locks[level] = BTRFS_READ_LOCK; -- 2.20.1