Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp6020651ybc; Wed, 27 Nov 2019 13:32:02 -0800 (PST) X-Google-Smtp-Source: APXvYqx0ZzGTBI23o9U8GBr6JyiBP7pgZDAlcpySK6vIme4i8GJhXMy7yOSviBglAxk1QBvH0OSu X-Received: by 2002:a05:6402:1850:: with SMTP id v16mr34332157edy.301.1574890322339; Wed, 27 Nov 2019 13:32:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1574890322; cv=none; d=google.com; s=arc-20160816; b=UDTgQmoNdsWf/8vtY8nUrvNiYyp3saOAwyuErJdm/90yQP7STVyju9peBKUuOYPhPV 8Vdmc++OhTG1Fw5D/gezAONfs2mzNXh378S1LxxBClKZ5PAUTYrGhP8IGIFLwjFxf3c1 6yOYBmsX5twjZMvUQvvuZoThlYceUDFSESc/HmJUvubsMj4I9wNMuAbpmAa4qsyYBUR8 sEjL4P67Vqf/3C9yx/Fjk3HV5K7xrCRt6Z/eN/fPxC/zebp17ekb5XhwcxPYyA0weVgF +DAb6FcxHvRpFbqt37GcFjNXH8ySK3Tz/kHdrzGGZGx/XY/s6LJUJRyKthLEc4Woz16+ FPQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=uVYCAmNb4Ms/B3lgo4U7p8Ah70H9BRyE58V8IgO8JiY=; b=ufn6dceimbLDW279FEs68xXHMfUZXQqRuX2cUGtgLS8kkQlIl9OcJjqLKE2QA5b4fr 3tp7U0Czfa5moFyqEunZtp05vO8sdyEtrCuX0VnMyitqrpn1IsAS52GOwt6WyGlQm4s/ I3MctyJLO0cZSkXfyQ+YlEFrVMYJgGQDJc2KT6eA6WXlmhCA+dTPG9uLSV/pJeFt/9ye 7T/LAQ8j0xefaFZMfsy1c5J0Ht5quBvttTxljN9ZKEB/7dIulozeRrev4lW/LOMFTCv+ QBwqJaAw35JWowurFCt2b7oVU+OZxJbufgKDc92FdqD3j5WA1kJ8hBB4AefifQuWXdQI 7TbA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=IZD49FNI; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m9si10622180eds.14.2019.11.27.13.31.38; Wed, 27 Nov 2019 13:32:02 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=IZD49FNI; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729090AbfK0U5H (ORCPT + 99 others); Wed, 27 Nov 2019 15:57:07 -0500 Received: from mail.kernel.org ([198.145.29.99]:47952 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730754AbfK0U5C (ORCPT ); Wed, 27 Nov 2019 15:57:02 -0500 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 632A821556; Wed, 27 Nov 2019 20:57:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1574888221; bh=rsnNf15HrUbaGOrIbi6wyozb9yMbdByNuffKHCgCcss=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=IZD49FNIyTb9tcjGVAeOV21b2IyeqxlKS+Qxhg0IrVDPuUOK7yAsGo/56tnaGIb3Q WOnNU2bw4heg2OJnkgEJcDH161jjfDY4GaK7aJrXUR9RKcWfE6XcbWU6opd7p1dbRA m94fZZoEUZ9knkCDFYvsA1fZjsgrMBG5eQPVwGPc= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Nikolay Borisov , Lu Fengqi , David Sterba , Sasha Levin Subject: [PATCH 4.19 049/306] btrfs: handle error of get_old_root Date: Wed, 27 Nov 2019 21:28:19 +0100 Message-Id: <20191127203118.381291584@linuxfoundation.org> X-Mailer: git-send-email 2.24.0 In-Reply-To: <20191127203114.766709977@linuxfoundation.org> References: <20191127203114.766709977@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Nikolay Borisov [ Upstream commit 315bed43fea532650933e7bba316a7601d439edf ] In btrfs_search_old_slot get_old_root is always used with the assumption it cannot fail. However, this is not true in rare circumstance it can fail and return null. This will lead to null point dereference when the header is read. Fix this by checking the return value and properly handling NULL by setting ret to -EIO and returning gracefully. Coverity-id: 1087503 Signed-off-by: Nikolay Borisov Reviewed-by: Lu Fengqi Reviewed-by: David Sterba Signed-off-by: David Sterba Signed-off-by: Sasha Levin --- fs/btrfs/ctree.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c index 9fd383285f0ea..fc764f350f05a 100644 --- a/fs/btrfs/ctree.c +++ b/fs/btrfs/ctree.c @@ -3031,6 +3031,10 @@ int btrfs_search_old_slot(struct btrfs_root *root, const struct btrfs_key *key, again: b = get_old_root(root, time_seq); + if (!b) { + ret = -EIO; + goto done; + } level = btrfs_header_level(b); p->locks[level] = BTRFS_READ_LOCK; -- 2.20.1