[PATCH] btrfs: Fix incorrect check causing NULL pointer derefernce

From: Aditya Pakki
Date: Sun Dec 15 2019 - 12:32:33 EST


In btrfsic_process_superblock, argument state is dereferenced for
the variable fs_info and then checked for NULL. The patch fixes
this issue by returning an error if state is NULL and then assigns
fs_info.

Signed-off-by: Aditya Pakki <pakki001@xxxxxxx>
---
fs/btrfs/check-integrity.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/fs/btrfs/check-integrity.c b/fs/btrfs/check-integrity.c
index 0b52ab4cb964..70d7a05cafad 100644
--- a/fs/btrfs/check-integrity.c
+++ b/fs/btrfs/check-integrity.c
@@ -629,15 +629,18 @@ static struct btrfsic_dev_state *btrfsic_dev_state_hashtable_lookup(dev_t dev,
static int btrfsic_process_superblock(struct btrfsic_state *state,
struct btrfs_fs_devices *fs_devices)
{
- struct btrfs_fs_info *fs_info = state->fs_info;
- struct btrfs_super_block *selected_super;
+ struct btrfsic_dev_state *selected_dev_state = NULL;
struct list_head *dev_head = &fs_devices->devices;
+ struct btrfs_super_block *selected_super;
+ struct btrfs_fs_info *fs_info;
struct btrfs_device *device;
- struct btrfsic_dev_state *selected_dev_state = NULL;
int ret = 0;
int pass;

- BUG_ON(NULL == state);
+ if (!state)
+ return -EINVAL;
+
+ fs_info = state->fs_info;
selected_super = kzalloc(sizeof(*selected_super), GFP_NOFS);
if (NULL == selected_super) {
pr_info("btrfsic: error, kmalloc failed!\n");
--
2.20.1