| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87ms4ez7q4.fsf@wotan.olymp>
Date: Sat, 22 Nov 2025 10:23:31 +0000
From: Luis Henriques <luis@...lia.com>
To: Dan Carpenter <dan.carpenter@...aro.org>
Cc: Miklos Szeredi <miklos@...redi.hu>, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org
Subject: Re: [PATCH next] fuse: Uninitialized variable in fuse_epoch_work()
On Fri, Nov 21 2025, Dan Carpenter wrote:
> On Fri, Nov 21, 2025 at 01:53:48PM +0000, Luis Henriques wrote:
>> On Fri, Nov 21 2025, Dan Carpenter wrote:
>>
>> > The "fm" pointer is either valid or uninitialized so checking for NULL
>> > doesn't work. Check the "inode" pointer instead.
>>
>> Hmm? Why do you say 'fm' isn't initialised? That's what fuse_ilookup()
>> is doing, isn't it?
>>
>
> I just checked again on linux-next. fuse_ilookup() only initializes
> *fm on the success path. It's either uninitialized or valid.
Yikes! You're absolutely right, I'm sorry for replying without checking.
Feel free to add my
Reviewed-by: Luis Henriques <luis@...lia.com>
Although I guess you're patch could also move the iput():
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index 67e3340a443c..f2bac7b3a125 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -199,9 +199,8 @@ void fuse_epoch_work(struct work_struct *work)
down_read(&fc->killsb);
inode = fuse_ilookup(fc, FUSE_ROOT_ID, &fm);
- iput(inode);
-
- if (fm) {
+ if (inode) {
+ iput(inode);
/* Remove all possible active references to cached inodes */
shrink_dcache_sb(fm->sb);
} else
And thanks for your fix, Dan!
Cheers,
--
Luís
Powered by blists - more mailing lists