* [PATCH] btrfs: fix a NULL pointer dereference
@ 2019-03-14 7:50 Kangjie Lu
2019-03-14 7:54 ` Nikolay Borisov
` (2 more replies)
0 siblings, 3 replies; 13+ messages in thread
From: Kangjie Lu @ 2019-03-14 7:50 UTC (permalink / raw)
To: kjlu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
btrfs_lookup_block_group may fail and return NULL. The fix goes
to out when it fails to avoid NULL pointer dereference.
Signed-off-by: Kangjie Lu <kjlu@umn.edu>
---
fs/btrfs/extent-tree.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
index 994f0cc41799..b1e7985bcb9d 100644
--- a/fs/btrfs/extent-tree.c
+++ b/fs/btrfs/extent-tree.c
@@ -7303,6 +7303,8 @@ void btrfs_free_tree_block(struct btrfs_trans_handle *trans,
pin = 0;
cache = btrfs_lookup_block_group(fs_info, buf->start);
+ if (!cache)
+ goto out;
if (btrfs_header_flag(buf, BTRFS_HEADER_FLAG_WRITTEN)) {
pin_down_extent(fs_info, cache, buf->start,
--
2.17.1
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [PATCH] btrfs: fix a NULL pointer dereference
2019-03-14 7:50 [PATCH] btrfs: fix a NULL pointer dereference Kangjie Lu
@ 2019-03-14 7:54 ` Nikolay Borisov
2019-03-14 8:02 ` Qu Wenruo
2019-03-14 15:41 ` Josef Bacik
2019-03-14 7:59 ` Qu Wenruo
2019-03-25 16:35 ` David Sterba
2 siblings, 2 replies; 13+ messages in thread
From: Nikolay Borisov @ 2019-03-14 7:54 UTC (permalink / raw)
To: Kangjie Lu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
On 14.03.19 г. 9:50 ч., Kangjie Lu wrote:
> btrfs_lookup_block_group may fail and return NULL. The fix goes
> to out when it fails to avoid NULL pointer dereference.
Actually no, in this case btrfs_lookup_block_group must never fail
because if we have an allocated eb then it must have been allocated from
a bg.
>
> Signed-off-by: Kangjie Lu <kjlu@umn.edu>
> ---
> fs/btrfs/extent-tree.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
> index 994f0cc41799..b1e7985bcb9d 100644
> --- a/fs/btrfs/extent-tree.c
> +++ b/fs/btrfs/extent-tree.c
> @@ -7303,6 +7303,8 @@ void btrfs_free_tree_block(struct btrfs_trans_handle *trans,
>
> pin = 0;
> cache = btrfs_lookup_block_group(fs_info, buf->start);
> + if (!cache)
> + goto out;
>
> if (btrfs_header_flag(buf, BTRFS_HEADER_FLAG_WRITTEN)) {
> pin_down_extent(fs_info, cache, buf->start,
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] btrfs: fix a NULL pointer dereference
2019-03-14 7:50 [PATCH] btrfs: fix a NULL pointer dereference Kangjie Lu
2019-03-14 7:54 ` Nikolay Borisov
@ 2019-03-14 7:59 ` Qu Wenruo
2019-03-25 16:35 ` David Sterba
2 siblings, 0 replies; 13+ messages in thread
From: Qu Wenruo @ 2019-03-14 7:59 UTC (permalink / raw)
To: Kangjie Lu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
[-- Attachment #1.1: Type: text/plain, Size: 1103 bytes --]
On 2019/3/14 下午3:50, Kangjie Lu wrote:
> btrfs_lookup_block_group may fail and return NULL. The fix goes
> to out when it fails to avoid NULL pointer dereference.
>
> Signed-off-by: Kangjie Lu <kjlu@umn.edu>
> ---
> fs/btrfs/extent-tree.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
> index 994f0cc41799..b1e7985bcb9d 100644
> --- a/fs/btrfs/extent-tree.c
> +++ b/fs/btrfs/extent-tree.c
> @@ -7303,6 +7303,8 @@ void btrfs_free_tree_block(struct btrfs_trans_handle *trans,
>
> pin = 0;
> cache = btrfs_lookup_block_group(fs_info, buf->start);
> + if (!cache)
> + goto out;
The check itself is OK.
Reviewed-by: Qu Wenruo <wqu@suse.com>
The problem is, here we're freeing a tree block, if there is no block
group for it, we shouldn't be able to read the extent buffer out.
So it's near impossible to hit. (Unless there is some other things wrong)
Thanks,
Qu
>
> if (btrfs_header_flag(buf, BTRFS_HEADER_FLAG_WRITTEN)) {
> pin_down_extent(fs_info, cache, buf->start,
>
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] btrfs: fix a NULL pointer dereference
2019-03-14 7:54 ` Nikolay Borisov
@ 2019-03-14 8:02 ` Qu Wenruo
2019-03-14 8:03 ` Nikolay Borisov
2019-03-14 10:23 ` Su Yue
2019-03-14 15:41 ` Josef Bacik
1 sibling, 2 replies; 13+ messages in thread
From: Qu Wenruo @ 2019-03-14 8:02 UTC (permalink / raw)
To: Nikolay Borisov, Kangjie Lu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
On 2019/3/14 下午3:54, Nikolay Borisov wrote:
>
>
> On 14.03.19 г. 9:50 ч., Kangjie Lu wrote:
>> btrfs_lookup_block_group may fail and return NULL. The fix goes
>> to out when it fails to avoid NULL pointer dereference.
>
> Actually no, in this case btrfs_lookup_block_group must never fail
> because if we have an allocated eb then it must have been allocated from
> a bg.
Yep, that's the normal case.
However I'm wondering if it's possible to get a bad eb which is cached.
Then we could hit such situation.
So I still believe being safe here still makes sense, especially who
knows future fuzzed image will be.
Thanks,
Qu
>
>>
>> Signed-off-by: Kangjie Lu <kjlu@umn.edu>
>> ---
>> fs/btrfs/extent-tree.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
>> index 994f0cc41799..b1e7985bcb9d 100644
>> --- a/fs/btrfs/extent-tree.c
>> +++ b/fs/btrfs/extent-tree.c
>> @@ -7303,6 +7303,8 @@ void btrfs_free_tree_block(struct btrfs_trans_handle *trans,
>>
>> pin = 0;
>> cache = btrfs_lookup_block_group(fs_info, buf->start);
>> + if (!cache)
>> + goto out;
>>
>> if (btrfs_header_flag(buf, BTRFS_HEADER_FLAG_WRITTEN)) {
>> pin_down_extent(fs_info, cache, buf->start,
>>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] btrfs: fix a NULL pointer dereference
2019-03-14 8:02 ` Qu Wenruo
@ 2019-03-14 8:03 ` Nikolay Borisov
2019-03-14 8:13 ` [PATCH v2] " Kangjie Lu
2019-03-14 9:15 ` [PATCH] " Qu Wenruo
2019-03-14 10:23 ` Su Yue
1 sibling, 2 replies; 13+ messages in thread
From: Nikolay Borisov @ 2019-03-14 8:03 UTC (permalink / raw)
To: Qu Wenruo, Kangjie Lu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
On 14.03.19 г. 10:02 ч., Qu Wenruo wrote:
>
>
> On 2019/3/14 下午3:54, Nikolay Borisov wrote:
>>
>>
>> On 14.03.19 г. 9:50 ч., Kangjie Lu wrote:
>>> btrfs_lookup_block_group may fail and return NULL. The fix goes
>>> to out when it fails to avoid NULL pointer dereference.
>>
>> Actually no, in this case btrfs_lookup_block_group must never fail
>> because if we have an allocated eb then it must have been allocated from
>> a bg.
>
> Yep, that's the normal case.
>
> However I'm wondering if it's possible to get a bad eb which is cached.
>
> Then we could hit such situation.
>
> So I still believe being safe here still makes sense, especially who
> knows future fuzzed image will be.
Then I'd rather have ASSERT(cache)
>
> Thanks,
> Qu
>
>>
>>>
>>> Signed-off-by: Kangjie Lu <kjlu@umn.edu>
>>> ---
>>> fs/btrfs/extent-tree.c | 2 ++
>>> 1 file changed, 2 insertions(+)
>>>
>>> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
>>> index 994f0cc41799..b1e7985bcb9d 100644
>>> --- a/fs/btrfs/extent-tree.c
>>> +++ b/fs/btrfs/extent-tree.c
>>> @@ -7303,6 +7303,8 @@ void btrfs_free_tree_block(struct btrfs_trans_handle *trans,
>>>
>>> pin = 0;
>>> cache = btrfs_lookup_block_group(fs_info, buf->start);
>>> + if (!cache)
>>> + goto out;
>>>
>>> if (btrfs_header_flag(buf, BTRFS_HEADER_FLAG_WRITTEN)) {
>>> pin_down_extent(fs_info, cache, buf->start,
>>>
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* [PATCH v2] btrfs: fix a NULL pointer dereference
2019-03-14 8:03 ` Nikolay Borisov
@ 2019-03-14 8:13 ` Kangjie Lu
2019-03-14 8:16 ` Nikolay Borisov
2019-03-14 9:15 ` [PATCH] " Qu Wenruo
1 sibling, 1 reply; 13+ messages in thread
From: Kangjie Lu @ 2019-03-14 8:13 UTC (permalink / raw)
To: kjlu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
btrfs_lookup_block_group may fail and return NULL. The fix uses
assert to ensure cache is not NULL.
Signed-off-by: Kangjie Lu <kjlu@umn.edu>
---
V2: use assert as suggested by Nikolay Borisov <nborisov@suse.com>
---
fs/btrfs/extent-tree.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
index 994f0cc41799..80d7c272d282 100644
--- a/fs/btrfs/extent-tree.c
+++ b/fs/btrfs/extent-tree.c
@@ -7303,6 +7303,7 @@ void btrfs_free_tree_block(struct btrfs_trans_handle *trans,
pin = 0;
cache = btrfs_lookup_block_group(fs_info, buf->start);
+ ASSERT(cache);
if (btrfs_header_flag(buf, BTRFS_HEADER_FLAG_WRITTEN)) {
pin_down_extent(fs_info, cache, buf->start,
--
2.17.1
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [PATCH v2] btrfs: fix a NULL pointer dereference
2019-03-14 8:13 ` [PATCH v2] " Kangjie Lu
@ 2019-03-14 8:16 ` Nikolay Borisov
0 siblings, 0 replies; 13+ messages in thread
From: Nikolay Borisov @ 2019-03-14 8:16 UTC (permalink / raw)
To: Kangjie Lu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
On 14.03.19 г. 10:13 ч., Kangjie Lu wrote:
> btrfs_lookup_block_group may fail and return NULL. The fix uses
> assert to ensure cache is not NULL.
>
> Signed-off-by: Kangjie Lu <kjlu@umn.edu>
Reviewed-by: Nikolay Borisov <nborisov@suse.com>
>
> ---
> V2: use assert as suggested by Nikolay Borisov <nborisov@suse.com>
> ---
> fs/btrfs/extent-tree.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
> index 994f0cc41799..80d7c272d282 100644
> --- a/fs/btrfs/extent-tree.c
> +++ b/fs/btrfs/extent-tree.c
> @@ -7303,6 +7303,7 @@ void btrfs_free_tree_block(struct btrfs_trans_handle *trans,
>
> pin = 0;
> cache = btrfs_lookup_block_group(fs_info, buf->start);
> + ASSERT(cache);
>
> if (btrfs_header_flag(buf, BTRFS_HEADER_FLAG_WRITTEN)) {
> pin_down_extent(fs_info, cache, buf->start,
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] btrfs: fix a NULL pointer dereference
2019-03-14 8:03 ` Nikolay Borisov
2019-03-14 8:13 ` [PATCH v2] " Kangjie Lu
@ 2019-03-14 9:15 ` Qu Wenruo
2019-03-14 9:18 ` Nikolay Borisov
2019-03-14 15:26 ` Kangjie Lu
1 sibling, 2 replies; 13+ messages in thread
From: Qu Wenruo @ 2019-03-14 9:15 UTC (permalink / raw)
To: Nikolay Borisov, Kangjie Lu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
On 2019/3/14 下午4:03, Nikolay Borisov wrote:
>
>
> On 14.03.19 г. 10:02 ч., Qu Wenruo wrote:
>>
>>
>> On 2019/3/14 下午3:54, Nikolay Borisov wrote:
>>>
>>>
>>> On 14.03.19 г. 9:50 ч., Kangjie Lu wrote:
>>>> btrfs_lookup_block_group may fail and return NULL. The fix goes
>>>> to out when it fails to avoid NULL pointer dereference.
>>>
>>> Actually no, in this case btrfs_lookup_block_group must never fail
>>> because if we have an allocated eb then it must have been allocated from
>>> a bg.
>>
>> Yep, that's the normal case.
>>
>> However I'm wondering if it's possible to get a bad eb which is cached.
>>
>> Then we could hit such situation.
>>
>> So I still believe being safe here still makes sense, especially who
>> knows future fuzzed image will be.
>
> Then I'd rather have ASSERT(cache)
Isn't assert() a bad idea for production build without assert() support?
Thanks,
Qu
>
>>
>> Thanks,
>> Qu
>>
>>>
>>>>
>>>> Signed-off-by: Kangjie Lu <kjlu@umn.edu>
>>>> ---
>>>> fs/btrfs/extent-tree.c | 2 ++
>>>> 1 file changed, 2 insertions(+)
>>>>
>>>> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
>>>> index 994f0cc41799..b1e7985bcb9d 100644
>>>> --- a/fs/btrfs/extent-tree.c
>>>> +++ b/fs/btrfs/extent-tree.c
>>>> @@ -7303,6 +7303,8 @@ void btrfs_free_tree_block(struct btrfs_trans_handle *trans,
>>>>
>>>> pin = 0;
>>>> cache = btrfs_lookup_block_group(fs_info, buf->start);
>>>> + if (!cache)
>>>> + goto out;
>>>>
>>>> if (btrfs_header_flag(buf, BTRFS_HEADER_FLAG_WRITTEN)) {
>>>> pin_down_extent(fs_info, cache, buf->start,
>>>>
>>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] btrfs: fix a NULL pointer dereference
2019-03-14 9:15 ` [PATCH] " Qu Wenruo
@ 2019-03-14 9:18 ` Nikolay Borisov
2019-03-14 15:26 ` Kangjie Lu
1 sibling, 0 replies; 13+ messages in thread
From: Nikolay Borisov @ 2019-03-14 9:18 UTC (permalink / raw)
To: Qu Wenruo, Kangjie Lu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
On 14.03.19 г. 11:15 ч., Qu Wenruo wrote:
> Isn't assert() a bad idea for production build without assert() support?
As already discussed this is invariant of the code, if this invariant is
broken then in production builds we'd likely crash (which is good since
we want to understand why and not silently handle it). In debug builds
the assert will be triggered.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] btrfs: fix a NULL pointer dereference
2019-03-14 8:02 ` Qu Wenruo
2019-03-14 8:03 ` Nikolay Borisov
@ 2019-03-14 10:23 ` Su Yue
1 sibling, 0 replies; 13+ messages in thread
From: Su Yue @ 2019-03-14 10:23 UTC (permalink / raw)
To: Qu Wenruo, Nikolay Borisov, Kangjie Lu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
On 2019/3/14 4:02 PM, Qu Wenruo wrote:
>
>
> On 2019/3/14 下午3:54, Nikolay Borisov wrote:
>>
>>
>> On 14.03.19 г. 9:50 ч., Kangjie Lu wrote:
>>> btrfs_lookup_block_group may fail and return NULL. The fix goes
>>> to out when it fails to avoid NULL pointer dereference.
>>
>> Actually no, in this case btrfs_lookup_block_group must never fail
>> because if we have an allocated eb then it must have been allocated from
>> a bg.
>
> Yep, that's the normal case.
>
> However I'm wondering if it's possible to get a bad eb which is cached.
>
> Then we could hit such situation.
>
> So I still believe being safe here still makes sense, especially who
> knows future fuzzed image will be.
Plus one.
Personally, I'd rather like the version 1.
Thanks,
Su
>
> Thanks,
> Qu
>
>>
>>>
>>> Signed-off-by: Kangjie Lu <kjlu@umn.edu>
>>> ---
>>> fs/btrfs/extent-tree.c | 2 ++
>>> 1 file changed, 2 insertions(+)
>>>
>>> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
>>> index 994f0cc41799..b1e7985bcb9d 100644
>>> --- a/fs/btrfs/extent-tree.c
>>> +++ b/fs/btrfs/extent-tree.c
>>> @@ -7303,6 +7303,8 @@ void btrfs_free_tree_block(struct btrfs_trans_handle *trans,
>>>
>>> pin = 0;
>>> cache = btrfs_lookup_block_group(fs_info, buf->start);
>>> + if (!cache)
>>> + goto out;
>>>
>>> if (btrfs_header_flag(buf, BTRFS_HEADER_FLAG_WRITTEN)) {
>>> pin_down_extent(fs_info, cache, buf->start,
>>>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] btrfs: fix a NULL pointer dereference
2019-03-14 9:15 ` [PATCH] " Qu Wenruo
2019-03-14 9:18 ` Nikolay Borisov
@ 2019-03-14 15:26 ` Kangjie Lu
1 sibling, 0 replies; 13+ messages in thread
From: Kangjie Lu @ 2019-03-14 15:26 UTC (permalink / raw)
To: Qu Wenruo, Nikolay Borisov
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
On 3/14/19 4:15 AM, Qu Wenruo wrote:
>
> On 2019/3/14 下午4:03, Nikolay Borisov wrote:
>>
>> On 14.03.19 г. 10:02 ч., Qu Wenruo wrote:
>>>
>>> On 2019/3/14 下午3:54, Nikolay Borisov wrote:
>>>>
>>>> On 14.03.19 г. 9:50 ч., Kangjie Lu wrote:
>>>>> btrfs_lookup_block_group may fail and return NULL. The fix goes
>>>>> to out when it fails to avoid NULL pointer dereference.
>>>> Actually no, in this case btrfs_lookup_block_group must never fail
>>>> because if we have an allocated eb then it must have been allocated from
>>>> a bg.
>>> Yep, that's the normal case.
>>>
>>> However I'm wondering if it's possible to get a bad eb which is cached.
>>>
>>> Then we could hit such situation.
>>>
>>> So I still believe being safe here still makes sense, especially who
>>> knows future fuzzed image will be.
>> Then I'd rather have ASSERT(cache)
> Isn't assert() a bad idea for production build without assert() support?
I also agree with that, in general, assert should not be used in
production runs. The first patch might be better.
>
> Thanks,
> Qu
>
>>> Thanks,
>>> Qu
>>>
>>>>> Signed-off-by: Kangjie Lu <kjlu@umn.edu>
>>>>> ---
>>>>> fs/btrfs/extent-tree.c | 2 ++
>>>>> 1 file changed, 2 insertions(+)
>>>>>
>>>>> diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
>>>>> index 994f0cc41799..b1e7985bcb9d 100644
>>>>> --- a/fs/btrfs/extent-tree.c
>>>>> +++ b/fs/btrfs/extent-tree.c
>>>>> @@ -7303,6 +7303,8 @@ void btrfs_free_tree_block(struct btrfs_trans_handle *trans,
>>>>>
>>>>> pin = 0;
>>>>> cache = btrfs_lookup_block_group(fs_info, buf->start);
>>>>> + if (!cache)
>>>>> + goto out;
>>>>>
>>>>> if (btrfs_header_flag(buf, BTRFS_HEADER_FLAG_WRITTEN)) {
>>>>> pin_down_extent(fs_info, cache, buf->start,
>>>>>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] btrfs: fix a NULL pointer dereference
2019-03-14 7:54 ` Nikolay Borisov
2019-03-14 8:02 ` Qu Wenruo
@ 2019-03-14 15:41 ` Josef Bacik
1 sibling, 0 replies; 13+ messages in thread
From: Josef Bacik @ 2019-03-14 15:41 UTC (permalink / raw)
To: Nikolay Borisov
Cc: Kangjie Lu, pakki001, Chris Mason, Josef Bacik, David Sterba,
linux-btrfs, linux-kernel
On Thu, Mar 14, 2019 at 09:54:07AM +0200, Nikolay Borisov wrote:
>
>
> On 14.03.19 г. 9:50 ч., Kangjie Lu wrote:
> > btrfs_lookup_block_group may fail and return NULL. The fix goes
> > to out when it fails to avoid NULL pointer dereference.
>
> Actually no, in this case btrfs_lookup_block_group must never fail
> because if we have an allocated eb then it must have been allocated from
> a bg.
>
Agreed, we only get to btrfs_free_tree_block() if we are actually deleting the
extent buffer. We would have had to read in the extent buffer first to get
here, which would have failed if there was no block group. We can't get into
this situation with a specifically crafted file system to exploit this as we'd
bail out well before we could get to btrfs_free_tree_block(). Adding an
ASSERT() makes sure developers aren't doing anything stupid, but again we'd have
to be doing something _super_ stupid to hit it. Thanks,
Josef
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH] btrfs: fix a NULL pointer dereference
2019-03-14 7:50 [PATCH] btrfs: fix a NULL pointer dereference Kangjie Lu
2019-03-14 7:54 ` Nikolay Borisov
2019-03-14 7:59 ` Qu Wenruo
@ 2019-03-25 16:35 ` David Sterba
2 siblings, 0 replies; 13+ messages in thread
From: David Sterba @ 2019-03-25 16:35 UTC (permalink / raw)
To: Kangjie Lu
Cc: pakki001, Chris Mason, Josef Bacik, David Sterba, linux-btrfs,
linux-kernel
On Thu, Mar 14, 2019 at 02:50:40AM -0500, Kangjie Lu wrote:
> btrfs_lookup_block_group may fail and return NULL. The fix goes
> to out when it fails to avoid NULL pointer dereference.
The subject, changelog and code change are not valid anymore after the
discussion. Please update them accordingly and resend. Thanks.
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2019-03-25 16:34 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-03-14 7:50 [PATCH] btrfs: fix a NULL pointer dereference Kangjie Lu
2019-03-14 7:54 ` Nikolay Borisov
2019-03-14 8:02 ` Qu Wenruo
2019-03-14 8:03 ` Nikolay Borisov
2019-03-14 8:13 ` [PATCH v2] " Kangjie Lu
2019-03-14 8:16 ` Nikolay Borisov
2019-03-14 9:15 ` [PATCH] " Qu Wenruo
2019-03-14 9:18 ` Nikolay Borisov
2019-03-14 15:26 ` Kangjie Lu
2019-03-14 10:23 ` Su Yue
2019-03-14 15:41 ` Josef Bacik
2019-03-14 7:59 ` Qu Wenruo
2019-03-25 16:35 ` David Sterba
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).