Re: [Patch] Possible NULL pointer dereference in fs/configfs/dir.c
From: Joel Becker
Date: Wed Mar 22 2006 - 18:24:23 EST
On Thu, Mar 23, 2006 at 12:05:29AM +0100, Eric Sesterhenn wrote:
> this fixes coverity bug #845, if group is NULL,
> we dereference it when setting up dentry.
Is the converity checker merly looking at in-function patterns?
Where can I access the bug report (sorry for the question).
group cannot be null here, we aren't called any other way. So
while you are correct that the code below is needed in the presence of a
NULL group, really the "if (group" isn't necessary, just the "if
(group->default_groups)". I could even BUG_ON() if you'd like.
Joel
>
> Signed-off-by: Eric Sesterhenn <snakebyte@xxxxxx>
>
> --- linux-2.6.16/fs/configfs/dir.c.orig 2006-03-23 00:02:23.000000000 +0100
> +++ linux-2.6.16/fs/configfs/dir.c 2006-03-23 00:03:49.000000000 +0100
> @@ -500,7 +500,7 @@ static int create_default_group(struct c
> static int populate_groups(struct config_group *group)
> {
> struct config_group *new_group;
> - struct dentry *dentry = group->cg_item.ci_dentry;
> + struct dentry *dentry;
> int ret = 0;
> int i;
>
> @@ -512,6 +512,8 @@ static int populate_groups(struct config
> * parent to find us, let alone mess with our tree.
> * That said, taking our i_mutex is closer to mkdir
> * emulation, and shouldn't hurt. */
> + dentry = group->cg_item.ci_dentry;
> +
> mutex_lock(&dentry->d_inode->i_mutex);
>
> for (i = 0; group->default_groups[i]; i++) {
>
>
--
"Win95 file and print sharing are for relatively friendly nets."
- Paul Leach, Microsoft
Joel Becker
Principal Software Developer
Oracle
E-mail: joel.becker@xxxxxxxxxx
Phone: (650) 506-8127
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/