• J
    ocfs2: fix null pointer dereference in ocfs2_dir_foreach_blk_id() · d6394b59
    Jeff Liu 提交于
    Fix a NULL pointer deference while removing an empty directory, which
    was introduced by commit 3704412b ("[readdir] convert ocfs2").
    
      BUG: unable to handle kernel NULL pointer dereference at (null)
      IP: [<(null)>]           (null)
      PGD 6da85067 PUD 6da89067 PMD 0
      Oops: 0010 [#1] SMP
      CPU: 0 PID: 6564 Comm: rmdir Tainted: G           O 3.11.0-rc1 #4
      RIP: 0010:[<0000000000000000>]  [<          (null)>]           (null)
      Call Trace:
        ocfs2_dir_foreach+0x49/0x50 [ocfs2]
        ocfs2_empty_dir+0x12c/0x3e0 [ocfs2]
        ocfs2_unlink+0x56e/0xc10 [ocfs2]
        vfs_rmdir+0xd5/0x140
        do_rmdir+0x1cb/0x1e0
        SyS_rmdir+0x16/0x20
        system_call_fastpath+0x16/0x1b
      Code:  Bad RIP value.
      RIP  [<          (null)>]           (null)
      RSP <ffff88006daddc10>
      CR2: 0000000000000000
    
    [dan.carpenter@oracle.com: fix pointer math]
    Signed-off-by: NJie Liu <jeff.liu@oracle.com>
    Reported-by: NDavid Weber <wb@munzinger.de>
    Cc: Al Viro <viro@zeniv.linux.org.uk>
    Cc: Joel Becker <jlbec@evilplan.org>
    Cc: Mark Fasheh <mfasheh@suse.com>
    Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
    d6394b59
dir.c 114.3 KB