From: Sasha Levin <sashal@kernel.org> To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Sasha Levin <sashal@kernel.org>, TOTE Robot <oslab@tsinghua.edu.cn>, Linus Torvalds <torvalds@linux-foundation.org>, Tuo Li <islituo@gmail.com>, ocfs2-devel@oss.oracle.com Subject: [Ocfs2-devel] [PATCH AUTOSEL 4.14 18/19] ocfs2: quota_local: fix possible uninitialized-variable access in ocfs2_local_read_info() Date: Thu, 9 Sep 2021 20:23:08 -0400 [thread overview] Message-ID: <20210910002309.176412-18-sashal@kernel.org> (raw) In-Reply-To: <20210910002309.176412-1-sashal@kernel.org> From: Tuo Li <islituo@gmail.com> [ Upstream commit 6c85c2c728193d19d6a908ae9fb312d0325e65ca ] A memory block is allocated through kmalloc(), and its return value is assigned to the pointer oinfo. However, oinfo->dqi_gqinode is not initialized but it is accessed in: iput(oinfo->dqi_gqinode); To fix this possible uninitialized-variable access, assign NULL to oinfo->dqi_gqinode, and add ocfs2_qinfo_lock_res_init() behind the assignment in ocfs2_local_read_info(). Remove ocfs2_qinfo_lock_res_init() in ocfs2_global_read_info(). Link: https://lkml.kernel.org/r/20210804031832.57154-1-islituo@gmail.com Signed-off-by: Tuo Li <islituo@gmail.com> Reported-by: TOTE Robot <oslab@tsinghua.edu.cn> Reviewed-by: Joseph Qi <joseph.qi@linux.alibaba.com> Cc: Mark Fasheh <mark@fasheh.com> Cc: Joel Becker <jlbec@evilplan.org> Cc: Junxiao Bi <junxiao.bi@oracle.com> Cc: Changwei Ge <gechangwei@live.cn> Cc: Gang He <ghe@suse.com> Cc: Jun Piao <piaojun@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> --- fs/ocfs2/quota_global.c | 1 - fs/ocfs2/quota_local.c | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/ocfs2/quota_global.c b/fs/ocfs2/quota_global.c index d212d09c00b1..f78e5294f5d2 100644 --- a/fs/ocfs2/quota_global.c +++ b/fs/ocfs2/quota_global.c @@ -356,7 +356,6 @@ int ocfs2_global_read_info(struct super_block *sb, int type) } oinfo->dqi_gi.dqi_sb = sb; oinfo->dqi_gi.dqi_type = type; - ocfs2_qinfo_lock_res_init(&oinfo->dqi_gqlock, oinfo); oinfo->dqi_gi.dqi_entry_size = sizeof(struct ocfs2_global_disk_dqblk); oinfo->dqi_gi.dqi_ops = &ocfs2_global_ops; oinfo->dqi_gqi_bh = NULL; diff --git a/fs/ocfs2/quota_local.c b/fs/ocfs2/quota_local.c index 16c42ed0dca8..b5216ed38e8d 100644 --- a/fs/ocfs2/quota_local.c +++ b/fs/ocfs2/quota_local.c @@ -703,6 +703,8 @@ static int ocfs2_local_read_info(struct super_block *sb, int type) info->dqi_priv = oinfo; oinfo->dqi_type = type; INIT_LIST_HEAD(&oinfo->dqi_chunk); + oinfo->dqi_gqinode = NULL; + ocfs2_qinfo_lock_res_init(&oinfo->dqi_gqlock, oinfo); oinfo->dqi_rec = NULL; oinfo->dqi_lqi_bh = NULL; oinfo->dqi_libh = NULL; -- 2.30.2 _______________________________________________ Ocfs2-devel mailing list Ocfs2-devel@oss.oracle.com https://oss.oracle.com/mailman/listinfo/ocfs2-devel
WARNING: multiple messages have this Message-ID (diff)
From: Sasha Levin <sashal@kernel.org> To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Tuo Li <islituo@gmail.com>, TOTE Robot <oslab@tsinghua.edu.cn>, Joseph Qi <joseph.qi@linux.alibaba.com>, Mark Fasheh <mark@fasheh.com>, Joel Becker <jlbec@evilplan.org>, Junxiao Bi <junxiao.bi@oracle.com>, Changwei Ge <gechangwei@live.cn>, Gang He <ghe@suse.com>, Jun Piao <piaojun@huawei.com>, Andrew Morton <akpm@linux-foundation.org>, Linus Torvalds <torvalds@linux-foundation.org>, Sasha Levin <sashal@kernel.org>, ocfs2-devel@oss.oracle.com Subject: [PATCH AUTOSEL 4.14 18/19] ocfs2: quota_local: fix possible uninitialized-variable access in ocfs2_local_read_info() Date: Thu, 9 Sep 2021 20:23:08 -0400 [thread overview] Message-ID: <20210910002309.176412-18-sashal@kernel.org> (raw) In-Reply-To: <20210910002309.176412-1-sashal@kernel.org> From: Tuo Li <islituo@gmail.com> [ Upstream commit 6c85c2c728193d19d6a908ae9fb312d0325e65ca ] A memory block is allocated through kmalloc(), and its return value is assigned to the pointer oinfo. However, oinfo->dqi_gqinode is not initialized but it is accessed in: iput(oinfo->dqi_gqinode); To fix this possible uninitialized-variable access, assign NULL to oinfo->dqi_gqinode, and add ocfs2_qinfo_lock_res_init() behind the assignment in ocfs2_local_read_info(). Remove ocfs2_qinfo_lock_res_init() in ocfs2_global_read_info(). Link: https://lkml.kernel.org/r/20210804031832.57154-1-islituo@gmail.com Signed-off-by: Tuo Li <islituo@gmail.com> Reported-by: TOTE Robot <oslab@tsinghua.edu.cn> Reviewed-by: Joseph Qi <joseph.qi@linux.alibaba.com> Cc: Mark Fasheh <mark@fasheh.com> Cc: Joel Becker <jlbec@evilplan.org> Cc: Junxiao Bi <junxiao.bi@oracle.com> Cc: Changwei Ge <gechangwei@live.cn> Cc: Gang He <ghe@suse.com> Cc: Jun Piao <piaojun@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Sasha Levin <sashal@kernel.org> --- fs/ocfs2/quota_global.c | 1 - fs/ocfs2/quota_local.c | 2 ++ 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/ocfs2/quota_global.c b/fs/ocfs2/quota_global.c index d212d09c00b1..f78e5294f5d2 100644 --- a/fs/ocfs2/quota_global.c +++ b/fs/ocfs2/quota_global.c @@ -356,7 +356,6 @@ int ocfs2_global_read_info(struct super_block *sb, int type) } oinfo->dqi_gi.dqi_sb = sb; oinfo->dqi_gi.dqi_type = type; - ocfs2_qinfo_lock_res_init(&oinfo->dqi_gqlock, oinfo); oinfo->dqi_gi.dqi_entry_size = sizeof(struct ocfs2_global_disk_dqblk); oinfo->dqi_gi.dqi_ops = &ocfs2_global_ops; oinfo->dqi_gqi_bh = NULL; diff --git a/fs/ocfs2/quota_local.c b/fs/ocfs2/quota_local.c index 16c42ed0dca8..b5216ed38e8d 100644 --- a/fs/ocfs2/quota_local.c +++ b/fs/ocfs2/quota_local.c @@ -703,6 +703,8 @@ static int ocfs2_local_read_info(struct super_block *sb, int type) info->dqi_priv = oinfo; oinfo->dqi_type = type; INIT_LIST_HEAD(&oinfo->dqi_chunk); + oinfo->dqi_gqinode = NULL; + ocfs2_qinfo_lock_res_init(&oinfo->dqi_gqlock, oinfo); oinfo->dqi_rec = NULL; oinfo->dqi_lqi_bh = NULL; oinfo->dqi_libh = NULL; -- 2.30.2
next prev parent reply other threads:[~2021-09-10 0:23 UTC|newest] Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-09-10 0:22 [PATCH AUTOSEL 4.14 01/19] clk: rockchip: rk3036: fix up the sclk_sfc parent error Sasha Levin 2021-09-10 0:22 ` Sasha Levin 2021-09-10 0:22 ` Sasha Levin 2021-09-10 0:22 ` [PATCH AUTOSEL 4.14 02/19] scsi: smartpqi: Fix ISR accessing uninitialized data Sasha Levin 2021-09-10 0:22 ` [PATCH AUTOSEL 4.14 03/19] scsi: lpfc: Fix cq_id truncation in rq create Sasha Levin 2021-09-10 0:22 ` [PATCH AUTOSEL 4.14 04/19] HID: usbhid: free raw_report buffers in usbhid_stop Sasha Levin 2021-09-10 0:22 ` [PATCH AUTOSEL 4.14 05/19] powerpc: make the install target not depend on any build artifact Sasha Levin 2021-09-10 0:22 ` Sasha Levin 2021-09-10 0:22 ` [PATCH AUTOSEL 4.14 06/19] jbd2: fix portability problems caused by unaligned accesses Sasha Levin 2021-09-10 0:22 ` [PATCH AUTOSEL 4.14 07/19] scsi: qla2xxx: Fix NPIV create erroneous error Sasha Levin 2021-09-10 0:22 ` [PATCH AUTOSEL 4.14 08/19] scsi: target: pscsi: Fix possible null-pointer dereference in pscsi_complete_cmd() Sasha Levin 2021-09-10 0:22 ` [PATCH AUTOSEL 4.14 09/19] fs: dlm: fix return -EINTR on recovery stopped Sasha Levin 2021-09-10 0:22 ` [Cluster-devel] " Sasha Levin 2021-09-10 0:23 ` [PATCH AUTOSEL 4.14 10/19] powerpc/32: indirect function call use bctrl rather than blrl in ret_from_kernel_thread Sasha Levin 2021-09-10 0:23 ` Sasha Levin 2021-09-10 0:23 ` [PATCH AUTOSEL 4.14 11/19] powerpc/booke: Avoid link stack corruption in several places Sasha Levin 2021-09-10 0:23 ` Sasha Levin 2021-09-10 0:23 ` [PATCH AUTOSEL 4.14 12/19] KVM: PPC: Book3S HV: Initialise vcpu MSR with MSR_ME Sasha Levin 2021-09-10 0:23 ` Sasha Levin 2021-09-10 0:23 ` Sasha Levin 2021-09-10 0:23 ` [PATCH AUTOSEL 4.14 13/19] RDMA/core/sa_query: Retry SA queries Sasha Levin 2021-09-10 0:23 ` [PATCH AUTOSEL 4.14 14/19] ext4: if zeroout fails fall back to splitting the extent node Sasha Levin 2021-09-10 0:23 ` [PATCH AUTOSEL 4.14 15/19] ext4: Make sure quota files are not grabbed accidentally Sasha Levin 2021-09-10 0:23 ` [PATCH AUTOSEL 4.14 16/19] xen: remove stray preempt_disable() from PV AP startup code Sasha Levin 2021-09-10 0:23 ` [PATCH AUTOSEL 4.14 17/19] checkkconfigsymbols.py: Fix the '--ignore' option Sasha Levin 2021-09-10 0:23 ` Sasha Levin [this message] 2021-09-10 0:23 ` [PATCH AUTOSEL 4.14 18/19] ocfs2: quota_local: fix possible uninitialized-variable access in ocfs2_local_read_info() Sasha Levin 2021-09-10 0:23 ` [Ocfs2-devel] [PATCH AUTOSEL 4.14 19/19] ocfs2: ocfs2_downconvert_lock failure results in deadlock Sasha Levin 2021-09-10 0:23 ` Sasha Levin
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20210910002309.176412-18-sashal@kernel.org \ --to=sashal@kernel.org \ --cc=islituo@gmail.com \ --cc=linux-kernel@vger.kernel.org \ --cc=ocfs2-devel@oss.oracle.com \ --cc=oslab@tsinghua.edu.cn \ --cc=stable@vger.kernel.org \ --cc=torvalds@linux-foundation.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.