Web lists-archives.com

[PATCH] fs: affs: fix a NULL pointer dereference




If affs_bread fails, do not use ext_bh to avoid NULL pointer
 dereference

Signed-off-by: Kangjie Lu <kjlu@xxxxxxx>
---
 fs/affs/file.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/fs/affs/file.c b/fs/affs/file.c
index a85817f54483..45b96faa40f1 100644
--- a/fs/affs/file.c
+++ b/fs/affs/file.c
@@ -835,7 +835,7 @@ void
 affs_truncate(struct inode *inode)
 {
 	struct super_block *sb = inode->i_sb;
-	u32 ext, ext_key;
+	u32 ext, ext_key, ext_bk;
 	u32 last_blk, blkcnt, blk;
 	u32 size;
 	struct buffer_head *ext_bh;
@@ -941,8 +941,12 @@ affs_truncate(struct inode *inode)
 		size = AFFS_SB(sb)->s_hashsize;
 		if (size > blkcnt - blk)
 			size = blkcnt - blk;
-		for (i = 0; i < size; i++, blk++)
-			affs_free_block(sb, be32_to_cpu(AFFS_BLOCK(sb, ext_bh, i)));
+		if (ext_bh) {
+			for (i = 0; i < size; i++, blk++) {
+				ext_bk = AFFS_BLOCK(sb, ext_bh, i);
+				affs_free_block(sb, be32_to_cpu(ext_bk));
+			}
+		}
 		affs_free_block(sb, ext_key);
 		ext_key = be32_to_cpu(AFFS_TAIL(sb, ext_bh)->extension);
 		affs_brelse(ext_bh);
-- 
2.17.1