[PATCH] netfs: Add a check for NULL folioq in netfs_writeback_unlock_folios

From: Chang Yu
Date: Fri Oct 25 2024 - 00:40:31 EST


syzkaller reported a null-pointer dereference bug
(https://syzkaller.appspot.com/bug?extid=af5c06208fa71bf31b16) in
netfs_writeback_unlock_folios caused by passing a NULL folioq to
folioq_folio. Fix by adding a check before entering the loop.

Signed-off-by: Chang Yu <marcus.yu.56@xxxxxxxxx>
Reported-by: syzbot+af5c06208fa71bf31b16@xxxxxxxxxxxxxxxxxxxxxxxxx
Closes: https://syzkaller.appspot.com/bug?extid=af5c06208fa71bf31b16
Fixes: cd0277ed0c18 ("netfs: Use new folio_queue data type and iterator instead of xarray iter")
---
fs/netfs/write_collect.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/netfs/write_collect.c b/fs/netfs/write_collect.c
index 1d438be2e1b4..23d46a409ff2 100644
--- a/fs/netfs/write_collect.c
+++ b/fs/netfs/write_collect.c
@@ -98,7 +98,7 @@ static void netfs_writeback_unlock_folios(struct netfs_io_request *wreq,
slot = 0;
}

- for (;;) {
+ while (folioq) {
struct folio *folio;
struct netfs_folio *finfo;
unsigned long long fpos, fend;
--
2.47.0