diff options
| author | Glauber de Oliveira Costa <glommer@br.ibm.com> | 2005-10-30 18:03:05 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2005-10-30 20:37:26 -0500 |
| commit | 2973dfdb877c17b36c27ba66d71028ff1eb2f32e (patch) | |
| tree | 9734599068f3fcf7cd33f948235588f7a275d193 /fs/ext3/inode.c | |
| parent | 7f04c26d715a2467a49a2384268de8f70f787b51 (diff) | |
[PATCH] Test for sb_getblk return value
This patch adds tests for the return value of sb_getblk() in the ext2/3
filesystems. In fs/buffer.c it is stated that the getblk() function never
fails. However, it does can return NULL in some situations due to I/O
errors, which may lead us to NULL pointer dereferences
Signed-off-by: Glauber de Oliveira Costa <glommer@br.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'fs/ext3/inode.c')
| -rw-r--r-- | fs/ext3/inode.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/fs/ext3/inode.c b/fs/ext3/inode.c index b5da5244e144..5d9b00e28837 100644 --- a/fs/ext3/inode.c +++ b/fs/ext3/inode.c | |||
| @@ -523,7 +523,6 @@ static int ext3_alloc_branch(handle_t *handle, struct inode *inode, | |||
| 523 | if (!nr) | 523 | if (!nr) |
| 524 | break; | 524 | break; |
| 525 | branch[n].key = cpu_to_le32(nr); | 525 | branch[n].key = cpu_to_le32(nr); |
| 526 | keys = n+1; | ||
| 527 | 526 | ||
| 528 | /* | 527 | /* |
| 529 | * Get buffer_head for parent block, zero it out | 528 | * Get buffer_head for parent block, zero it out |
| @@ -531,6 +530,9 @@ static int ext3_alloc_branch(handle_t *handle, struct inode *inode, | |||
| 531 | * parent to disk. | 530 | * parent to disk. |
| 532 | */ | 531 | */ |
| 533 | bh = sb_getblk(inode->i_sb, parent); | 532 | bh = sb_getblk(inode->i_sb, parent); |
| 533 | if (!bh) | ||
| 534 | break; | ||
| 535 | keys = n+1; | ||
| 534 | branch[n].bh = bh; | 536 | branch[n].bh = bh; |
| 535 | lock_buffer(bh); | 537 | lock_buffer(bh); |
| 536 | BUFFER_TRACE(bh, "call get_create_access"); | 538 | BUFFER_TRACE(bh, "call get_create_access"); |
| @@ -864,6 +866,10 @@ struct buffer_head *ext3_getblk(handle_t *handle, struct inode * inode, | |||
| 864 | if (!*errp && buffer_mapped(&dummy)) { | 866 | if (!*errp && buffer_mapped(&dummy)) { |
| 865 | struct buffer_head *bh; | 867 | struct buffer_head *bh; |
| 866 | bh = sb_getblk(inode->i_sb, dummy.b_blocknr); | 868 | bh = sb_getblk(inode->i_sb, dummy.b_blocknr); |
| 869 | if (!bh) { | ||
| 870 | *errp = -EIO; | ||
| 871 | goto err; | ||
| 872 | } | ||
| 867 | if (buffer_new(&dummy)) { | 873 | if (buffer_new(&dummy)) { |
| 868 | J_ASSERT(create != 0); | 874 | J_ASSERT(create != 0); |
| 869 | J_ASSERT(handle != 0); | 875 | J_ASSERT(handle != 0); |
| @@ -896,6 +902,7 @@ struct buffer_head *ext3_getblk(handle_t *handle, struct inode * inode, | |||
| 896 | } | 902 | } |
| 897 | return bh; | 903 | return bh; |
| 898 | } | 904 | } |
| 905 | err: | ||
| 899 | return NULL; | 906 | return NULL; |
| 900 | } | 907 | } |
| 901 | 908 | ||