fs/ntfs3: Fix NULL dereference in ni_write_inode
[ Upstream commit 8dae4f6341 ]
Syzbot reports a NULL dereference in ni_write_inode.
When creating a new inode, if allocation fails in mi_init function
(called in mi_format_new function), mi->mrec is set to NULL.
In the error path of this inode creation, mi->mrec is later
dereferenced in ni_write_inode.
Add a NULL check to prevent NULL dereference.
Link: https://syzkaller.appspot.com/bug?extid=f45957555ed4a808cc7a
Reported-and-tested-by: syzbot+f45957555ed4a808cc7a@syzkaller.appspotmail.com
Signed-off-by: Abdun Nihaal <abdun.nihaal@gmail.com>
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Abdun Nihaal
committed by
Greg Kroah-Hartman
Greg Kroah-Hartman
parent
0d04e45c65
commit
b3152afc0e
@ -3255,6 +3255,9 @@ int ni_write_inode(struct inode *inode, int sync, const char *hint)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!ni->mi.mrec)
|
||||||
|
goto out;
|
||||||
|
|
||||||
if (is_rec_inuse(ni->mi.mrec) &&
|
if (is_rec_inuse(ni->mi.mrec) &&
|
||||||
!(sbi->flags & NTFS_FLAGS_LOG_REPLAYING) && inode->i_nlink) {
|
!(sbi->flags & NTFS_FLAGS_LOG_REPLAYING) && inode->i_nlink) {
|
||||||
bool modified = false;
|
bool modified = false;
|
||||||
|
|||||||
Reference in New Issue
Block a user