linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 1/2] hfsplus: prevent crash on exit from failed search
@ 2018-06-29 18:34 Ernesto A. Fernández
  2018-06-29 18:37 ` [PATCH 2/2] hfs: " Ernesto A. Fernández
  2018-07-02 18:01 ` [PATCH 1/2] hfsplus: " Viacheslav Dubeyko
  0 siblings, 2 replies; 6+ messages in thread
From: Ernesto A. Fernández @ 2018-06-29 18:34 UTC (permalink / raw)
  To: linux-fsdevel; +Cc: Andrew Morton, Anatoly Trosinenko

The hfs_find_exit() function expects fd->bnode to be NULL after a
search has failed. The hfs_brec_insert() function may instead set
it to an error-valued pointer. Fix this to prevent a crash.

Reported-by: Anatoly Trosinenko <anatoly.trosinenko@gmail.com>
Signed-off-by: Ernesto A. Fernández <ernesto.mnd.fernandez@gmail.com>
---
 fs/hfsplus/brec.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/fs/hfsplus/brec.c b/fs/hfsplus/brec.c
index 808f4d8c859c..ed8eacb34452 100644
--- a/fs/hfsplus/brec.c
+++ b/fs/hfsplus/brec.c
@@ -73,9 +73,10 @@ int hfs_brec_insert(struct hfs_find_data *fd, void *entry, int entry_len)
 	if (!fd->bnode) {
 		if (!tree->root)
 			hfs_btree_inc_height(tree);
-		fd->bnode = hfs_bnode_find(tree, tree->leaf_head);
-		if (IS_ERR(fd->bnode))
-			return PTR_ERR(fd->bnode);
+		node = hfs_bnode_find(tree, tree->leaf_head);
+		if (IS_ERR(node))
+			return PTR_ERR(node);
+		fd->bnode = node;
 		fd->record = -1;
 	}
 	new_node = NULL;
-- 
2.11.0

^ permalink raw reply related	[flat|nested] 6+ messages in thread

* [PATCH 2/2] hfs: prevent crash on exit from failed search
  2018-06-29 18:34 [PATCH 1/2] hfsplus: prevent crash on exit from failed search Ernesto A. Fernández
@ 2018-06-29 18:37 ` Ernesto A. Fernández
  2018-07-02 18:01 ` [PATCH 1/2] hfsplus: " Viacheslav Dubeyko
  1 sibling, 0 replies; 6+ messages in thread
From: Ernesto A. Fernández @ 2018-06-29 18:37 UTC (permalink / raw)
  To: linux-fsdevel; +Cc: Andrew Morton, Anatoly Trosinenko

The hfs_find_exit() function expects fd->bnode to be NULL after a
search has failed. The hfs_brec_insert() function may instead set
it to an error-valued pointer. Fix this to prevent a crash.

Signed-off-by: Ernesto A. Fernández <ernesto.mnd.fernandez@gmail.com>
---
 fs/hfs/brec.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/fs/hfs/brec.c b/fs/hfs/brec.c
index ad04a5741016..9a8772465a90 100644
--- a/fs/hfs/brec.c
+++ b/fs/hfs/brec.c
@@ -75,9 +75,10 @@ int hfs_brec_insert(struct hfs_find_data *fd, void *entry, int entry_len)
 	if (!fd->bnode) {
 		if (!tree->root)
 			hfs_btree_inc_height(tree);
-		fd->bnode = hfs_bnode_find(tree, tree->leaf_head);
-		if (IS_ERR(fd->bnode))
-			return PTR_ERR(fd->bnode);
+		node = hfs_bnode_find(tree, tree->leaf_head);
+		if (IS_ERR(node))
+			return PTR_ERR(node);
+		fd->bnode = node;
 		fd->record = -1;
 	}
 	new_node = NULL;
-- 
2.11.0

^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH 1/2] hfsplus: prevent crash on exit from failed search
  2018-06-29 18:34 [PATCH 1/2] hfsplus: prevent crash on exit from failed search Ernesto A. Fernández
  2018-06-29 18:37 ` [PATCH 2/2] hfs: " Ernesto A. Fernández
@ 2018-07-02 18:01 ` Viacheslav Dubeyko
  2018-08-21 23:02   ` Andrew Morton
  1 sibling, 1 reply; 6+ messages in thread
From: Viacheslav Dubeyko @ 2018-07-02 18:01 UTC (permalink / raw)
  To: Ernesto A. Fernández
  Cc: linux-fsdevel, Andrew Morton, Anatoly Trosinenko

On Fri, 2018-06-29 at 15:34 -0300, Ernesto A. Fernández wrote:
> The hfs_find_exit() function expects fd->bnode to be NULL after a
> search has failed. The hfs_brec_insert() function may instead set
> it to an error-valued pointer. Fix this to prevent a crash.
> 
> Reported-by: Anatoly Trosinenko <anatoly.trosinenko@gmail.com>
> Signed-off-by: Ernesto A. Fernández <ernesto.mnd.fernandez@gmail.com>
> ---
>  fs/hfsplus/brec.c | 7 ++++---
>  1 file changed, 4 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/hfsplus/brec.c b/fs/hfsplus/brec.c
> index 808f4d8c859c..ed8eacb34452 100644
> --- a/fs/hfsplus/brec.c
> +++ b/fs/hfsplus/brec.c
> @@ -73,9 +73,10 @@ int hfs_brec_insert(struct hfs_find_data *fd, void *entry, int entry_len)
>  	if (!fd->bnode) {
>  		if (!tree->root)
>  			hfs_btree_inc_height(tree);
> -		fd->bnode = hfs_bnode_find(tree, tree->leaf_head);
> -		if (IS_ERR(fd->bnode))
> -			return PTR_ERR(fd->bnode);


Are you sure that no caller is used this error code? Did you check this?

Maybe, it makes sense to extract the error code and to show the error
message on the caller side instead of processing the simple NULL?

Thanks,
Vyacheslav Dubeyko.


> +		node = hfs_bnode_find(tree, tree->leaf_head);
> +		if (IS_ERR(node))
> +			return PTR_ERR(node);
> +		fd->bnode = node;
>  		fd->record = -1;
>  	}
>  	new_node = NULL;

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH 1/2] hfsplus: prevent crash on exit from failed search
  2018-07-02 18:01 ` [PATCH 1/2] hfsplus: " Viacheslav Dubeyko
@ 2018-08-21 23:02   ` Andrew Morton
  2018-08-22 18:11     ` Ernesto A. Fernández
  0 siblings, 1 reply; 6+ messages in thread
From: Andrew Morton @ 2018-08-21 23:02 UTC (permalink / raw)
  To: Viacheslav Dubeyko
  Cc: Ernesto A. Fernández, linux-fsdevel, Anatoly Trosinenko

On Mon, 02 Jul 2018 11:01:37 -0700 Viacheslav Dubeyko <slava@dubeyko.com> wrote:

> On Fri, 2018-06-29 at 15:34 -0300, Ernesto A. Fern�ndez wrote:
> > The hfs_find_exit() function expects fd->bnode to be NULL after a
> > search has failed. The hfs_brec_insert() function may instead set
> > it to an error-valued pointer. Fix this to prevent a crash.
> > 
> > Reported-by: Anatoly Trosinenko <anatoly.trosinenko@gmail.com>
> > Signed-off-by: Ernesto A. Fern�ndez <ernesto.mnd.fernandez@gmail.com>
> > ---
> >  fs/hfsplus/brec.c | 7 ++++---
> >  1 file changed, 4 insertions(+), 3 deletions(-)
> > 
> > diff --git a/fs/hfsplus/brec.c b/fs/hfsplus/brec.c
> > index 808f4d8c859c..ed8eacb34452 100644
> > --- a/fs/hfsplus/brec.c
> > +++ b/fs/hfsplus/brec.c
> > @@ -73,9 +73,10 @@ int hfs_brec_insert(struct hfs_find_data *fd, void *entry, int entry_len)
> >  	if (!fd->bnode) {
> >  		if (!tree->root)
> >  			hfs_btree_inc_height(tree);
> > -		fd->bnode = hfs_bnode_find(tree, tree->leaf_head);
> > -		if (IS_ERR(fd->bnode))
> > -			return PTR_ERR(fd->bnode);
> 
> 
> Are you sure that no caller is used this error code? Did you check this?
> 
> Maybe, it makes sense to extract the error code and to show the error
> message on the caller side instead of processing the simple NULL?
> 

No response?  Could we please get this wrapped up?

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH 1/2] hfsplus: prevent crash on exit from failed search
  2018-08-21 23:02   ` Andrew Morton
@ 2018-08-22 18:11     ` Ernesto A. Fernández
  2018-08-22 20:27       ` Viacheslav Dubeyko
  0 siblings, 1 reply; 6+ messages in thread
From: Ernesto A. Fernández @ 2018-08-22 18:11 UTC (permalink / raw)
  To: Andrew Morton; +Cc: Viacheslav Dubeyko, linux-fsdevel, Anatoly Trosinenko

On Tue, Aug 21, 2018 at 04:02:24PM -0700, Andrew Morton wrote:
> On Mon, 02 Jul 2018 11:01:37 -0700 Viacheslav Dubeyko <slava@dubeyko.com> wrote:
> 
> > On Fri, 2018-06-29 at 15:34 -0300, Ernesto A. Fernández wrote:
> > > The hfs_find_exit() function expects fd->bnode to be NULL after a
> > > search has failed. The hfs_brec_insert() function may instead set
> > > it to an error-valued pointer. Fix this to prevent a crash.
> > > 
> > > Reported-by: Anatoly Trosinenko <anatoly.trosinenko@gmail.com>
> > > Signed-off-by: Ernesto A. Fernández <ernesto.mnd.fernandez@gmail.com>
> > > ---
> > >  fs/hfsplus/brec.c | 7 ++++---
> > >  1 file changed, 4 insertions(+), 3 deletions(-)
> > > 
> > > diff --git a/fs/hfsplus/brec.c b/fs/hfsplus/brec.c
> > > index 808f4d8c859c..ed8eacb34452 100644
> > > --- a/fs/hfsplus/brec.c
> > > +++ b/fs/hfsplus/brec.c
> > > @@ -73,9 +73,10 @@ int hfs_brec_insert(struct hfs_find_data *fd, void *entry, int entry_len)
> > >  	if (!fd->bnode) {
> > >  		if (!tree->root)
> > >  			hfs_btree_inc_height(tree);
> > > -		fd->bnode = hfs_bnode_find(tree, tree->leaf_head);
> > > -		if (IS_ERR(fd->bnode))
> > > -			return PTR_ERR(fd->bnode);
> > 
> > 
> > Are you sure that no caller is used this error code? Did you check this?
> > 
> > Maybe, it makes sense to extract the error code and to show the error
> > message on the caller side instead of processing the simple NULL?
> > 
> 
> No response?  Could we please get this wrapped up?

I'm sorry, I thought you had picked this up already. Yes, I did check that
no caller was using this. fd->bnode is always assumed to be NULL on error.
Also, the error code is not lost, it's the return value of the function.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH 1/2] hfsplus: prevent crash on exit from failed search
  2018-08-22 18:11     ` Ernesto A. Fernández
@ 2018-08-22 20:27       ` Viacheslav Dubeyko
  0 siblings, 0 replies; 6+ messages in thread
From: Viacheslav Dubeyko @ 2018-08-22 20:27 UTC (permalink / raw)
  To: Ernesto A. Fernández
  Cc: Andrew Morton, linux-fsdevel, Anatoly Trosinenko

On Wed, 2018-08-22 at 15:11 -0300, Ernesto A. Fernández wrote:
> On Tue, Aug 21, 2018 at 04:02:24PM -0700, Andrew Morton wrote:
> > On Mon, 02 Jul 2018 11:01:37 -0700 Viacheslav Dubeyko <slava@dubeyko.com> wrote:
> > 
> > > On Fri, 2018-06-29 at 15:34 -0300, Ernesto A. Fernández wrote:
> > > > The hfs_find_exit() function expects fd->bnode to be NULL after a
> > > > search has failed. The hfs_brec_insert() function may instead set
> > > > it to an error-valued pointer. Fix this to prevent a crash.
> > > > 
> > > > Reported-by: Anatoly Trosinenko <anatoly.trosinenko@gmail.com>
> > > > Signed-off-by: Ernesto A. Fernández <ernesto.mnd.fernandez@gmail.com>
> > > > ---
> > > >  fs/hfsplus/brec.c | 7 ++++---
> > > >  1 file changed, 4 insertions(+), 3 deletions(-)
> > > > 
> > > > diff --git a/fs/hfsplus/brec.c b/fs/hfsplus/brec.c
> > > > index 808f4d8c859c..ed8eacb34452 100644
> > > > --- a/fs/hfsplus/brec.c
> > > > +++ b/fs/hfsplus/brec.c
> > > > @@ -73,9 +73,10 @@ int hfs_brec_insert(struct hfs_find_data *fd, void *entry, int entry_len)
> > > >  	if (!fd->bnode) {
> > > >  		if (!tree->root)
> > > >  			hfs_btree_inc_height(tree);
> > > > -		fd->bnode = hfs_bnode_find(tree, tree->leaf_head);
> > > > -		if (IS_ERR(fd->bnode))
> > > > -			return PTR_ERR(fd->bnode);
> > > 
> > > 
> > > Are you sure that no caller is used this error code? Did you check this?
> > > 
> > > Maybe, it makes sense to extract the error code and to show the error
> > > message on the caller side instead of processing the simple NULL?
> > > 
> > 
> > No response?  Could we please get this wrapped up?
> 
> I'm sorry, I thought you had picked this up already. Yes, I did check that
> no caller was using this. fd->bnode is always assumed to be NULL on error.
> Also, the error code is not lost, it's the return value of the function.

OK. Looks reasonable.

Reviewed-by: Vyacheslav Dubeyko <slava@dubeyko.com>

Thanks,
Vyacheslav Dubeyko.

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2018-08-22 23:54 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-06-29 18:34 [PATCH 1/2] hfsplus: prevent crash on exit from failed search Ernesto A. Fernández
2018-06-29 18:37 ` [PATCH 2/2] hfs: " Ernesto A. Fernández
2018-07-02 18:01 ` [PATCH 1/2] hfsplus: " Viacheslav Dubeyko
2018-08-21 23:02   ` Andrew Morton
2018-08-22 18:11     ` Ernesto A. Fernández
2018-08-22 20:27       ` Viacheslav Dubeyko

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).