Date: Tue, 30 Jul 2019 19:08:56 -0400
From: "J. Bruce Fields"
To: Jia-Ju Bai
Cc: chuck.lever@oracle.com, linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] fs: nfsd: Fix three possible null-pointer dereferences
Message-ID: <20190730230856.GE3544@fieldses.org>
References: <20190724082803.1077-1-baijiaju1990@gmail.com> <20190730230339.GD3544@fieldses.org>
In-Reply-To: <20190730230339.GD3544@fieldses.org>

On Tue, Jul 30, 2019 at 07:03:39PM -0400, J. Bruce Fields wrote:
> Thanks! But I think actually the correct fix is just to remove the NULL
> checks entirely.

So, something like the following (untested).

--b.

commit 7ce38d2d8a66
Author: J. Bruce Fields
Date: Tue Jul 30 19:06:38 2019 -0400

    nfsd: Remove unnecessary NULL checks

    "cb" is never actually NULL in these functions.

    On a quick skim of the history, they seem to have been there from the
    beginning. I'm not sure if they originally served a purpose.

    Reported-by: Jia-Ju Bai
    Signed-off-by: J. Bruce Fields

diff --git a/fs/nfsd/nfs4callback.c b/fs/nfsd/nfs4callback.c index 397eb7820929..524111420b48 100644 --- a/fs/nfsd/nfs4callback.c +++ b/fs/nfsd/nfs4callback.c @@ -512,11 +512,9 @@ static int nfs4_xdr_dec_cb_recall(struct rpc_rqst *rqstp, if (unlikely(status)) return status; - if (cb != NULL) { - status = decode_cb_sequence4res(xdr, cb); - if (unlikely(status || cb->cb_seq_status)) - return status; - } + status = decode_cb_sequence4res(xdr, cb); + if (unlikely(status || cb->cb_seq_status)) + return status; return decode_cb_op_status(xdr, OP_CB_RECALL, &cb->cb_status); }
@@ -604,11 +602,10 @@ static int nfs4_xdr_dec_cb_layout(struct rpc_rqst *rqstp, if (unlikely(status)) return status; - if (cb) { - status = decode_cb_sequence4res(xdr, cb); - if (unlikely(status || cb->cb_seq_status)) - return status; - } + status = decode_cb_sequence4res(xdr, cb); + if (unlikely(status || cb->cb_seq_status)) + return status; + return decode_cb_op_status(xdr, OP_CB_LAYOUTRECALL, &cb->cb_status); } #endif /* CONFIG_NFSD_PNFS */ @@ -663,11 +660,10 @@ static int nfs4_xdr_dec_cb_notify_lock(struct rpc_rqst *rqstp, if (unlikely(status)) return status; - if (cb) { - status = decode_cb_sequence4res(xdr, cb); - if (unlikely(status || cb->cb_seq_status)) - return status; - } + status = decode_cb_sequence4res(xdr, cb); + if (unlikely(status || cb->cb_seq_status)) + return status; + return decode_cb_op_status(xdr, OP_CB_NOTIFY_LOCK, &cb->cb_status); } @@ -759,11 +755,10 @@ static int nfs4_xdr_dec_cb_offload(struct rpc_rqst *rqstp, if (unlikely(status)) return status; - if (cb) { - status = decode_cb_sequence4res(xdr, cb); - if (unlikely(status || cb->cb_seq_status)) - return status; - } + status = decode_cb_sequence4res(xdr, cb); + if (unlikely(status || cb->cb_seq_status)) + return status; + return decode_cb_op_status(xdr, OP_CB_OFFLOAD, &cb->cb_status); } /*
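
Review bot: in the first hunk (nfs4_xdr_dec_cb_recall, @@ -512) the new `return status;` runs straight into the final `return decode_cb_op_status(...)`, while the hunks for cb_layout, cb_notify_lock and cb_offload each add a blank line there. Add the same blank line in cb_recall so the four decoders stay identical apart from the opcode, which keeps later diffs across them easy to compare.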
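
Review bot: with the guard removed in the hunks at @@ -604, @@ -663 and @@ -759 (and likewise @@ -512), `cb->cb_seq_status` is read unconditionally, so the commit message should say what guarantees a non-NULL `cb` in these decoders rather than rest on "a quick skim of the history" for a patch marked untested. It is also worth stating that the old check never covered the trailing `&cb->cb_status` in each `return decode_cb_op_status(...)`, which sits outside the removed `if` block in every hunk, so the code already depended on that invariant. A short comment naming the invariant at one of the decoders would stop the check from being reintroduced by a later static-analysis report.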