diff options
author | Abdun Nihaal <abdun.nihaal@gmail.com> | 2022-10-30 12:32:51 +0530 |
---|---|---|
committer | Konstantin Komarov <almaz.alexandrovich@paragon-software.com> | 2023-03-27 16:59:11 +0400 |
commit | 8dae4f6341e335a09575be60b4fdf697c732a470 (patch) | |
tree | ab6c10d01d8fc58832a82f0b9f2c29de9ac1e323 /fs/ntfs3 | |
parent | 4f082a7531223a438c757bb20e304f4c941c67a8 (diff) | |
download | lwn-8dae4f6341e335a09575be60b4fdf697c732a470.tar.gz lwn-8dae4f6341e335a09575be60b4fdf697c732a470.zip |
fs/ntfs3: Fix NULL dereference in ni_write_inode
Syzbot reports a NULL dereference in ni_write_inode.
When creating a new inode, if allocation fails in mi_init function
(called in mi_format_new function), mi->mrec is set to NULL.
In the error path of this inode creation, mi->mrec is later
dereferenced in ni_write_inode.
Add a NULL check to prevent NULL dereference.
Link: https://syzkaller.appspot.com/bug?extid=f45957555ed4a808cc7a
Reported-and-tested-by: syzbot+f45957555ed4a808cc7a@syzkaller.appspotmail.com
Signed-off-by: Abdun Nihaal <abdun.nihaal@gmail.com>
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
Diffstat (limited to 'fs/ntfs3')
-rw-r--r-- | fs/ntfs3/frecord.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/ntfs3/frecord.c b/fs/ntfs3/frecord.c index f1df52dfab74..912eeb3d3471 100644 --- a/fs/ntfs3/frecord.c +++ b/fs/ntfs3/frecord.c @@ -3258,6 +3258,9 @@ int ni_write_inode(struct inode *inode, int sync, const char *hint) return 0; } + if (!ni->mi.mrec) + goto out; + if (is_rec_inuse(ni->mi.mrec) && !(sbi->flags & NTFS_FLAGS_LOG_REPLAYING) && inode->i_nlink) { bool modified = false; |