From patchwork Mon Jun 3 10:00:16 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ruslan Bilovol X-Patchwork-Id: 248219 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 51D212C00A7 for ; Mon, 3 Jun 2013 20:00:56 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756750Ab3FCKAh (ORCPT ); Mon, 3 Jun 2013 06:00:37 -0400 Received: from mail-ea0-f174.google.com ([209.85.215.174]:45505 "EHLO mail-ea0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752516Ab3FCKA0 (ORCPT ); Mon, 3 Jun 2013 06:00:26 -0400 Received: by mail-ea0-f174.google.com with SMTP id z7so3229700eaf.19 for ; Mon, 03 Jun 2013 03:00:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:from:to:cc:subject:date:message-id:x-mailer:in-reply-to :references; bh=cddrNLy/nIA+/K68uaKtt/+miDljMKorxypu59qeOw8=; b=TZNM9CmLFc17KReRlkSkz/8nL49IDoqmrc3eEJyHJf7goMVlfRtVlKzvi4aoe5iq5E YCrncT3edImEDqxmu2XlQnngBLX8HAUB1vIu56+NaVkjVBYkCvnTHaZONfDxz1TCNQag FhS69YoTRdVDpPf62aW5A9d0Yg5vYpCSXM+KYvecDASOzkGZ8cO16pDpnc5xn8UWw8CD Ct3yX/A1smr7YUGN0B+3/iGzHS1Ox9s7JRWwsNaEfmKzxiA/jTJNpFRpUqPdTWuQohl2 Ff/NsHngV3kX2PMUEOyFB7EOK6M/63JhS70cr8dm+LCg7zqirgifEo5IJrNv/TrpSFBM RMIQ== X-Received: by 10.14.204.3 with SMTP id g3mr22830832eeo.85.1370253624537; Mon, 03 Jun 2013 03:00:24 -0700 (PDT) Received: from localhost ([195.238.93.36]) by mx.google.com with ESMTPSA id bo9sm69749770eeb.9.2013.06.03.03.00.23 for (version=TLSv1.2 cipher=RC4-SHA bits=128/128); Mon, 03 Jun 2013 03:00:23 -0700 (PDT) From: Ruslan Bilovol To: tytso@mit.edu, adilger.kernel@dilger.ca Cc: linux-ext4@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 2/2] ext4: add sanity checks in __ext4_check_dir_entry Date: Mon, 3 Jun 2013 13:00:16 +0300 Message-Id: <1370253616-8173-3-git-send-email-ruslan.bilovol@ti.com> X-Mailer: git-send-email 1.7.9.5 In-Reply-To: <1370253616-8173-1-git-send-email-ruslan.bilovol@ti.com> References: <1370253616-8173-1-git-send-email-ruslan.bilovol@ti.com> Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org Added checks for NULL before dereferencing some pointers This fixes next issue: [ 1531.530609] Unable to handle kernel NULL pointer dereference at virtual address 00000004 [ 1531.543151] pgd = d6068000 [ 1531.546112] [00000004] *pgd=00000000 [ 1531.550109] Internal error: Oops: 5 [#1] PREEMPT SMP ARM [ 1531.555816] Modules linked in: rproc_drm(O) tf_driver(O) gps_drv wl18xx(O) wl12xx(O) wlcore(O) mac80211(O) cfg80211(O) pvrsrvkm_sgx540_120(O) compat(O) [ 1531.571105] CPU: 0 Tainted: G W O (3.4.34 #1) [ 1531.576934] PC is at __ext4_check_dir_entry+0x24/0x1a4 [ 1531.582550] LR is at ext4_readdir+0x270/0x7fc [ 1531.587249] pc : [] lr : [] psr: 80000113 [ 1531.587249] sp : d6051e50 ip : 00000000 fp : d6051eb4 [ 1531.599700] r10: d4f0fdb0 r9 : c06a5c54 r8 : 000000d5 [ 1531.605377] r7 : d4c54540 r6 : d4634948 r5 : 00000000 r4 : 00000000 [ 1531.612396] r3 : d4634948 r2 : d4f0fdb0 r1 : 000000d5 r0 : c06a5c54 [ 1531.619476] Flags: Nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user [ 1531.627166] Control: 10c5387d Table: 9606804a DAC: 00000015 [...] [ 1532.654876] Backtrace: [ 1532.657653] [] (__ext4_check_dir_entry+0x0/0x1a4) from [] (ext4_readdir+0x270/0x7fc) [ 1532.667968] [] (ext4_readdir+0x0/0x7fc) from [] (vfs_readdir+0x9c/0xc0) [ 1532.677062] [] (vfs_readdir+0x0/0xc0) from [] (sys_getdents64+0x68/0xc0) [ 1532.686248] [] (sys_getdents64+0x0/0xc0) from [] (ret_fast_syscall+0x0/0x30) [ 1532.695800] r7:000000d9 r6:00000000 r5:416d4168 r4:416d4158 [ 1532.702270] Code: e1a07003 e1a09000 e1a08001 e59b3008 (e1dc40b4) Signed-off-by: Ruslan Bilovol --- fs/ext4/dir.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/fs/ext4/dir.c b/fs/ext4/dir.c index f8d56e4..cf0875b 100644 --- a/fs/ext4/dir.c +++ b/fs/ext4/dir.c @@ -68,8 +68,12 @@ int __ext4_check_dir_entry(const char *function, unsigned int line, unsigned int offset) { const char *error_msg = NULL; - const int rlen = ext4_rec_len_from_disk(de->rec_len, - dir->i_sb->s_blocksize); + int rlen; + + if (!de || !bh || !dir) + return 1; + + rlen = ext4_rec_len_from_disk(de->rec_len, dir->i_sb->s_blocksize); if (unlikely(rlen < EXT4_DIR_REC_LEN(1))) error_msg = "rec_len is smaller than minimal";