[PATCH v4] eulerfs: fix wrong dereferencing in eufs_lookup
uniontech inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I6TN56 CVE: NA -------------------------------- smatch report: fs/eulerfs/namei.c:118 eufs_lookup() error: 'inode' dereferencing possible ERR_PTR() fix it by using the ino above in eufs_err. Signed-off-by: Kang Chen <void0red@hust.edu.cn> --- I think we need use IS_ERR to handle all errors, the err can't pass to BUG_ON line later. v4 -> v3: fix some bugs and return EIO/ENOMEM anyway. v3 -> v2: use IS_ERR to handle all kind err v2 -> v1: use correct string format fs/eulerfs/namei.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/fs/eulerfs/namei.c b/fs/eulerfs/namei.c index e4c6c36575f2..7064de644b34 100644 --- a/fs/eulerfs/namei.c +++ b/fs/eulerfs/namei.c @@ -114,9 +114,11 @@ static struct dentry *eufs_lookup(struct inode *dir, struct dentry *dentry, goto not_found; inode = eufs_iget(dir->i_sb, s2p(dir->i_sb, de->inode)); - if (inode == ERR_PTR(-ESTALE)) { - eufs_err(dir->i_sb, "deleted inode referenced: 0x%lx", - inode->i_ino); + if (IS_ERR(inode)) { + eufs_err(dir->i_sb, "eufs_iget failed ino 0x%llx err %d\n", + le64_to_cpu(de->inode), PTR_ERR(inode)); + if (inode == ERR_PTR(-ENOMEM)) + return ERR_PTR(-ENOMEM); return ERR_PTR(-EIO); } not_found: -- 2.34.1
-----Original Messages----- From: "Kang Chen" <void0red@hust.edu.cn> Sent Time: 2023-04-12 17:43:59 (Wednesday) To: yukuai3@huawei.com Cc: kernel@openeuler.org, "Kang Chen" <void0red@hust.edu.cn> Subject: [PATCH v4] eulerfs: fix wrong dereferencing in eufs_lookup
uniontech inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I6TN56 CVE: NA
--------------------------------
smatch report: fs/eulerfs/namei.c:118 eufs_lookup() error: 'inode' dereferencing possible ERR_PTR() fix it by using the ino above in eufs_err.
Signed-off-by: Kang Chen <void0red@hust.edu.cn> --- I think we need use IS_ERR to handle all errors, the err can't pass to BUG_ON line later.
v4 -> v3: fix some bugs and return EIO/ENOMEM anyway. v3 -> v2: use IS_ERR to handle all kind err v2 -> v1: use correct string format
fs/eulerfs/namei.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/fs/eulerfs/namei.c b/fs/eulerfs/namei.c index e4c6c36575f2..7064de644b34 100644 --- a/fs/eulerfs/namei.c +++ b/fs/eulerfs/namei.c @@ -114,9 +114,11 @@ static struct dentry *eufs_lookup(struct inode *dir, struct dentry *dentry, goto not_found;
inode = eufs_iget(dir->i_sb, s2p(dir->i_sb, de->inode)); - if (inode == ERR_PTR(-ESTALE)) { - eufs_err(dir->i_sb, "deleted inode referenced: 0x%lx", - inode->i_ino); + if (IS_ERR(inode)) { + eufs_err(dir->i_sb, "eufs_iget failed ino 0x%llx err %d\n", + le64_to_cpu(de->inode), PTR_ERR(inode)); + if (inode == ERR_PTR(-ENOMEM)) + return ERR_PTR(-ENOMEM); return ERR_PTR(-EIO); } not_found: -- 2.34.1
ping?
在 2023/04/12 17:43, Kang Chen 写道:
uniontech inclusion category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I6TN56 CVE: NA
--------------------------------
smatch report: fs/eulerfs/namei.c:118 eufs_lookup() error: 'inode' dereferencing possible ERR_PTR() fix it by using the ino above in eufs_err.
Signed-off-by: Kang Chen <void0red@hust.edu.cn>
Looks good to me, feel free to add: Reviewed-by: Yu Kuai <yukuai3@huawei.com>
--- I think we need use IS_ERR to handle all errors, the err can't pass to BUG_ON line later.
v4 -> v3: fix some bugs and return EIO/ENOMEM anyway. v3 -> v2: use IS_ERR to handle all kind err v2 -> v1: use correct string format
fs/eulerfs/namei.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/fs/eulerfs/namei.c b/fs/eulerfs/namei.c index e4c6c36575f2..7064de644b34 100644 --- a/fs/eulerfs/namei.c +++ b/fs/eulerfs/namei.c @@ -114,9 +114,11 @@ static struct dentry *eufs_lookup(struct inode *dir, struct dentry *dentry, goto not_found;
inode = eufs_iget(dir->i_sb, s2p(dir->i_sb, de->inode)); - if (inode == ERR_PTR(-ESTALE)) { - eufs_err(dir->i_sb, "deleted inode referenced: 0x%lx", - inode->i_ino); + if (IS_ERR(inode)) { + eufs_err(dir->i_sb, "eufs_iget failed ino 0x%llx err %d\n", + le64_to_cpu(de->inode), PTR_ERR(inode)); + if (inode == ERR_PTR(-ENOMEM)) + return ERR_PTR(-ENOMEM); return ERR_PTR(-EIO); } not_found:
participants (3)
-
Kang Chen -
void0red@hust.edu.cn
-
Yu Kuai