[PATCH] btrfs: fix potential null pointer dereference bug

From: Cong Ding
Date: Thu Jan 24 2013 - 18:30:45 EST


The bug happens when rb_node == NULL. It causes variable node to be NULL and
then the NULL pointer is dereferenced in this line:
BUG_ON((struct btrfs_root *)node->data != root);

So we check node before the dereference.

Signed-off-by: Cong Ding <dinggnu@xxxxxxxxx>
---
fs/btrfs/relocation.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/btrfs/relocation.c b/fs/btrfs/relocation.c
index 17c306b..938b037 100644
--- a/fs/btrfs/relocation.c
+++ b/fs/btrfs/relocation.c
@@ -1269,7 +1269,7 @@ static int __update_reloc_root(struct btrfs_root *root, int del)
}
spin_unlock(&rc->reloc_root_tree.lock);

- BUG_ON((struct btrfs_root *)node->data != root);
+ BUG_ON(!node || (struct btrfs_root *)node->data != root);

if (!del) {
spin_lock(&rc->reloc_root_tree.lock);
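Review bot: the new `BUG_ON(!node || ...)` still takes the kernel down when node is NULL, so the change replaces a NULL dereference oops with a deliberate BUG rather than handling the condition. Since `__update_reloc_root` returns int, consider checking `!node` separately after the `spin_unlock` and returning an error to the caller, keeping the BUG_ON only for the `node->data != root` mismatch. If a NULL node really is an unrecoverable invariant violation here, a short comment above the BUG_ON saying why would help, because the commit message only says the lookup can leave rb_node NULL and does not say under which conditions that happens.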
--
1.7.10.4
