Re: [PATCH] ovl: Fix possible NULL pointer dereference in ovl_destroy_inode

Next message: Jason Gunthorpe: "Re: [PATCH v1] iommu/amd: Remove unused IOMMU_IN/OUT_ADDR_BIT_SIZE macros"
Previous message: Christian Brauner: "Re: [PATCH v2] nstree: fix func. parameter kernel-doc warnings"
In reply to: Amir Goldstein: "Re: [PATCH] ovl: Fix possible NULL pointer dereference in ovl_destroy_inode"
Next in thread: Al Viro: "Re: [PATCH] ovl: Fix possible NULL pointer dereference in ovl_destroy_inode"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: sunliming

Date: Tue Apr 21 2026 - 07:39:13 EST

2026年4月21日 17:45, "Amir Goldstein" <amir73il@xxxxxxxxx mailto:amir73il@xxxxxxxxx?to=%22Amir%20Goldstein%22%20%3Camir73il%40gmail.com%3E > 写到:

>
> On Tue, Apr 21, 2026 at 11:24 AM <sunliming@xxxxxxxxx> wrote:
>
> >
> > From: sunliming <sunliming@xxxxxxxxxx>
> >
> > In the ovl_destroy_inode function, a variable reference oi->lowerdata_redirect
> > that might be NULL is directly freed. Add a non-null check, and only free
> > the space when it is not NULL.
> >
> Sunliming,
>
> This is nonsense.
> kfree() is not a dereference and kfree(NULL) is allowed.
>
> Please be more considerate of my time and the time of other
> volunteer maintainers and do not post patches that you do not
> understand yourself.
>
> Thanks,
> Amir.
>
I understand, I apologize for this patch, thank you.

> >
> > Signed-off-by: sunliming <sunliming@xxxxxxxxxx>
> > ---
> > fs/overlayfs/super.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c
> > index 60f0b7ceef0a..4b8b5fd4ab59 100644
> > --- a/fs/overlayfs/super.c
> > +++ b/fs/overlayfs/super.c
> > @@ -218,7 +218,7 @@ static void ovl_destroy_inode(struct inode *inode)
> > ovl_stack_put(ovl_lowerstack(oi->oe), ovl_numlower(oi->oe));
> > if (S_ISDIR(inode->i_mode))
> > ovl_dir_cache_free(inode);
> > - else
> > + else if (oi->lowerdata_redirect)
> > kfree(oi->lowerdata_redirect);
> > }
> >
> > --
> > 2.25.1
> >
>