Message ID | 1340901000-7595-2-git-send-email-luis.henriques@canonical.com |
---|---|
State | New |
On Thu, Jun 28, 2012 at 05:29:59PM +0100, Luis Henriques wrote: > As ocfs2_fallocate() will invoke __ocfs2_change_file_space() with a NULL > as the first parameter (file), it may trigger a NULL pointer dereference > due to a missing check. See http://bugs.launchpad.net/bugs/1006012. > > Cc: stable@vger.kernel.org > Signed-off-by: Luis Henriques <luis.henriques@canonical.com> > --- > fs/ocfs2/file.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c > index 6e39668..84822a4 100644 > --- a/fs/ocfs2/file.c > +++ b/fs/ocfs2/file.c > @@ -1950,7 +1950,7 @@ static int __ocfs2_change_file_space(struct file *file, struct inode *inode, > if (ret < 0) > mlog_errno(ret); > > - if (file->f_flags & O_SYNC) > + if (file && (file->f_flags & O_SYNC)) > handle->h_sync = 1; > > ocfs2_commit_trans(osb, handle); > -- > 1.7.9.5
Looks straightforward enough. For application as pre-stable to Precise the buglink needs to be a bit more "formal"ized.
Stefan Bader <stefan.bader@canonical.com> writes:

> Looks straightforward enough. For application as pre-stable to Precise the
> buglink needs to be a bit more "formal"ized.

Yep, my bad -- sorry, forgot to add it as I just re-sent it to kernel-team@, editing only the cover letter :-/

Cheers,
--
Luis
Applied to Precise and Quantal master-next. I added the BugLink and also marked this as SAUCE as it has not officially landed in Linus' tree yet.

Thanks,
Leann

On 06/28/2012 09:29 AM, Luis Henriques wrote: > As ocfs2_fallocate() will invoke __ocfs2_change_file_space() with a NULL > as the first parameter (file), it may trigger a NULL pointer dereference > due to a missing check. See http://bugs.launchpad.net/bugs/1006012. > > Cc: stable@vger.kernel.org > Signed-off-by: Luis Henriques <luis.henriques@canonical.com> > --- > fs/ocfs2/file.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c > index 6e39668..84822a4 100644 > --- a/fs/ocfs2/file.c > +++ b/fs/ocfs2/file.c > @@ -1950,7 +1950,7 @@ static int __ocfs2_change_file_space(struct file *file, struct inode *inode, > if (ret < 0) > mlog_errno(ret); > > - if (file->f_flags & O_SYNC) > + if (file && (file->f_flags & O_SYNC)) > handle->h_sync = 1; > > ocfs2_commit_trans(osb, handle);
diff --git a/fs/ocfs2/file.c b/fs/ocfs2/file.c index 6e39668..84822a4 100644 --- a/fs/ocfs2/file.c +++ b/fs/ocfs2/file.c @@ -1950,7 +1950,7 @@ static int __ocfs2_change_file_space(struct file *file, struct inode *inode, if (ret < 0) mlog_errno(ret); - if (file->f_flags & O_SYNC) + if (file && (file->f_flags & O_SYNC)) handle->h_sync = 1; ocfs2_commit_trans(osb, handle);
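Review bot: The new test `if (file && (file->f_flags & O_SYNC))` makes a NULL file silently skip `handle->h_sync = 1`, and nothing at that line says the skip is intended. The commit message names ocfs2_fallocate() as the caller that passes NULL, so on that path the transaction is committed without h_sync ever being set. Add a short comment above the test stating that file may be NULL when called from ocfs2_fallocate() and that the sync flag is then deliberately not applied, and confirm that no other use of file in __ocfs2_change_file_space() can be reached with NULL. The commit message should also carry the formal BugLink asked for in the thread instead of the inline "See http://bugs.launchpad.net/bugs/1006012".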
As ocfs2_fallocate() will invoke __ocfs2_change_file_space() with a NULL as the first parameter (file), it may trigger a NULL pointer dereference due to a missing check. See http://bugs.launchpad.net/bugs/1006012.

Cc: stable@vger.kernel.org
Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
---
fs/ocfs2/file.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)