Re: [PATCH v2] udf: fix an uninitialized read bug and remove dead code

From: Jan Kara
Date: Wed Apr 17 2019 - 07:14:13 EST


On Mon 15-04-19 12:58:06, Wenwen Wang wrote:
> In udf_lookup(), the pointer 'fi' is a local variable initialized by the
> return value of the function call udf_find_entry(). However, if the macro
> 'UDF_RECOVERY' is defined, this variable will become uninitialized if the
> else branch is not taken, which can potentially cause incorrect results in
> the following execution.
>
> To fix this issue, this patch drops the whole code in the ifdef
> 'UDF_RECOVERY' region, as it is dead code.
>
> Signed-off-by: Wenwen Wang <wang6495@xxxxxxx>

Thanks for the patch. I've added it to my tree.

Honza

> ---
> fs/udf/namei.c | 15 ---------------
> 1 file changed, 15 deletions(-)
>
> diff --git a/fs/udf/namei.c b/fs/udf/namei.c
> index 58cc241..77b6d89 100644
> --- a/fs/udf/namei.c
> +++ b/fs/udf/namei.c
> @@ -304,21 +304,6 @@ static struct dentry *udf_lookup(struct inode *dir, struct dentry *dentry,
> if (dentry->d_name.len > UDF_NAME_LEN)
> return ERR_PTR(-ENAMETOOLONG);
>
> -#ifdef UDF_RECOVERY
> - /* temporary shorthand for specifying files by inode number */
> - if (!strncmp(dentry->d_name.name, ".B=", 3)) {
> - struct kernel_lb_addr lb = {
> - .logicalBlockNum = 0,
> - .partitionReferenceNum =
> - simple_strtoul(dentry->d_name.name + 3,
> - NULL, 0),
> - };
> - inode = udf_iget(dir->i_sb, lb);
> - if (IS_ERR(inode))
> - return inode;
> - } else
> -#endif /* UDF_RECOVERY */
> -
> fi = udf_find_entry(dir, &dentry->d_name, &fibh, &cfi);
> if (IS_ERR(fi))
> return ERR_CAST(fi);
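
Review bot: The commit message calls the removed `#ifdef UDF_RECOVERY` block dead code but does not say what makes it dead; a sentence stating that nothing in the tree defines `UDF_RECOVERY` would let a reader verify this and would explain why the block is dropped rather than 'fi' being initialized. The changelog could also record that the removed branch had problems beyond leaving 'fi' unset before the later code uses it. It stored the parsed number in `.partitionReferenceNum` with `.logicalBlockNum = 0`, which looks swapped given the comment about specifying files by inode number. Its error path also did `return inode;` from a function that returns `struct dentry *`, where the surviving code uses `ERR_CAST(fi)`.
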
> --
> 2.7.4
>
>
--
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR