Message-Id: <20250219023045.45240-1-chunjie.zhu@cloud.com>
Date: Wed, 19 Feb 2025 02:30:44 +0000
From: Chunjie Zhu <chunjie.zhu@...ud.com>
To: Bob Peterson <rpeterso@...hat.com>,
	Andreas Gruenbacher <agruenba@...hat.com>
Cc: Chunjie Zhu <chunjie.zhu@...ud.com>,
	gfs2@...ts.linux.dev,
	linux-kernel@...r.kernel.org
Subject: [v2] fix "NULL pointer dereference in gfs2_recover_func"

before checking WITHDRAW flag, we have to check inode pointer

v2:
  fix gfs2_sbd NULL pointer dereference

Signed-off-by: Chunjie Zhu <chunjie.zhu@...ud.com>
---
 fs/gfs2/recovery.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/fs/gfs2/recovery.c b/fs/gfs2/recovery.c
index 44806513fc06..8434dd385ac5 100644
--- a/fs/gfs2/recovery.c
+++ b/fs/gfs2/recovery.c
@@ -400,7 +400,7 @@ static void recover_local_statfs(struct gfs2_jdesc *jd,
 
 void gfs2_recover_func(struct work_struct *work)
 {
-	struct gfs2_jdesc *jd = NULL;
+	struct gfs2_jdesc *jd = container_of(work, struct gfs2_jdesc, jd_work);
 	struct gfs2_inode *ip = NULL;
 	struct gfs2_sbd *sdp = NULL;
 	struct gfs2_log_header_host head;
@@ -411,16 +411,20 @@ void gfs2_recover_func(struct work_struct *work)
 	int error = 0;
 	int jlocked = 0;
 
-	if (gfs2_withdrawn(sdp)) {
-		fs_err(sdp, "jid=%u: Recovery not attempted due to withdraw.\n",
-		       jd->jd_jid);
+	if (unlikely(!jd->jd_inode)) {
+		fs_err(sdp, "jid=%u: Looks like withdraw is ongoing, skip recovery.\n",
+			   jd->jd_jid);
 		goto fail;
 	}
 
-	jd = container_of(work, struct gfs2_jdesc, jd_work);
 	ip = GFS2_I(jd->jd_inode);
 	sdp = GFS2_SB(jd->jd_inode);
 
+	if (gfs2_withdrawn(sdp)) {
+		fs_err(sdp, "jid=%u: Recovery not attempted due to withdraw.\n",
+		       jd->jd_jid);
+		goto fail;
+	}
 	t_start = ktime_get();
 	if (sdp->sd_args.ar_spectator)
 		goto fail;
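
Review bot: In the new `if (unlikely(!jd->jd_inode))` branch, `fs_err(sdp, ...)` is called while `sdp` is still NULL: it is initialised to NULL at the top of the function and only assigned by `sdp = GFS2_SB(jd->jd_inode);` after this branch. fs_err() takes the superblock to identify the filesystem in its message, so this path likely reintroduces the gfs2_sbd NULL dereference that v2 set out to fix. Log here with a call that does not need `sdp` (for example pr_err with the jid), and check that the code at the `fail` label, which is not visible in this hunk, does not use `sdp` or `ip` when reached from this branch. Minor: the continuation line `jd->jd_jid);` in the new branch is indented differently from the other fs_err call, and there is no blank line between the moved withdraw check and `t_start = ktime_get();`.
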
-- 
2.34.1

