| Message ID | 44762cf0-ec69-4cb0-ee08-d5889f24df4b@redhat.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
On Wed, Dec 21, 2016 at 09:13:08AM -0600, Eric Sandeen wrote: > dump_file and report_mount can be called with null *oid if > we aren't asking for the GETNEXTQUOTA interface, so we > should only test for the GETNEXTQUOTA wrap if *oid is > non-null. Otherwise we'll deref a null pointer in the > test. > > This only happens for certain invocations of reporting, > which apparently are not covered by any regression tests > at this point, at least on new kernels which contain > GETNEXTQUOTA. > > Addresses-Coverity-ID: 1397415 > Addresses-Coverity-ID: 1397416 > Brown-paper-bag-worn-by: Eric Sandeen <sandeen@redhat.com> > Signed-off-by: Eric Sandeen <sandeen@redhat.com> Looks good. Reviewed-by: Bill O'Donnell <billodo@redhat.com> > --- > > diff --git a/quota/report.c b/quota/report.c > index fc02302..3833dd6 100644 > --- a/quota/report.c > +++ b/quota/report.c > @@ -98,12 +98,12 @@ dump_file( > return 0; > } > > - if (oid) > + if (oid) { > *oid = d.d_id; > - > - /* Did kernelspace wrap? */ > - if (*oid < id) > - return 0; > + /* Did kernelspace wrap? */ > + if (*oid < id) > + return 0; > + } > > if (!d.d_blk_softlimit && !d.d_blk_hardlimit && > !d.d_ino_softlimit && !d.d_ino_hardlimit && > @@ -361,12 +361,12 @@ report_mount( > return 0; > } > > - if (oid) > + if (oid) { > *oid = d.d_id; > - > - /* Did kernelspace wrap? */ > - if (*oid < id) > - return 0; > + /* Did kernelspace wrap? */ > + if (* oid < id) > + return 0; > + } > > if (flags & TERSE_FLAG) { > count = 0; > > -- > To unsubscribe from this list: send the line "unsubscribe linux-xfs" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-xfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wed, Dec 21, 2016 at 09:13:08AM -0600, Eric Sandeen wrote: > dump_file and report_mount can be called with null *oid if > we aren't asking for the GETNEXTQUOTA interface, so we > should only test for the GETNEXTQUOTA wrap if *oid is > non-null. Otherwise we'll deref a null pointer in the > test. > > This only happens for certain invocations of reporting, > which apparently are not covered by any regression tests > at this point, at least on new kernels which contain > GETNEXTQUOTA. Reviewed-by: Carlos Maiolino <cmaiolino@redhat.com> > > Addresses-Coverity-ID: 1397415 > Addresses-Coverity-ID: 1397416 > Brown-paper-bag-worn-by: Eric Sandeen <sandeen@redhat.com> > Signed-off-by: Eric Sandeen <sandeen@redhat.com> > --- > > diff --git a/quota/report.c b/quota/report.c > index fc02302..3833dd6 100644 > --- a/quota/report.c > +++ b/quota/report.c > @@ -98,12 +98,12 @@ dump_file( > return 0; > } > > - if (oid) > + if (oid) { > *oid = d.d_id; > - > - /* Did kernelspace wrap? */ > - if (*oid < id) > - return 0; > + /* Did kernelspace wrap? */ > + if (*oid < id) > + return 0; > + } > > if (!d.d_blk_softlimit && !d.d_blk_hardlimit && > !d.d_ino_softlimit && !d.d_ino_hardlimit && > @@ -361,12 +361,12 @@ report_mount( > return 0; > } > > - if (oid) > + if (oid) { > *oid = d.d_id; > - > - /* Did kernelspace wrap? */ > - if (*oid < id) > - return 0; > + /* Did kernelspace wrap? */ > + if (* oid < id) > + return 0; > + } > > if (flags & TERSE_FLAG) { > count = 0; > > -- > To unsubscribe from this list: send the line "unsubscribe linux-xfs" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/quota/report.c b/quota/report.c index fc02302..3833dd6 100644 --- a/quota/report.c +++ b/quota/report.c @@ -98,12 +98,12 @@ dump_file( return 0; } - if (oid) + if (oid) { *oid = d.d_id; - - /* Did kernelspace wrap? */ - if (*oid < id) - return 0; + /* Did kernelspace wrap? */ + if (*oid < id) + return 0; + } if (!d.d_blk_softlimit && !d.d_blk_hardlimit && !d.d_ino_softlimit && !d.d_ino_hardlimit && @@ -361,12 +361,12 @@ report_mount( return 0; } - if (oid) + if (oid) { *oid = d.d_id; - - /* Did kernelspace wrap? */ - if (*oid < id) - return 0; + /* Did kernelspace wrap? */ + if (* oid < id) + return 0; + } if (flags & TERSE_FLAG) { count = 0;
dump_file and report_mount can be called with null *oid if we aren't asking for the GETNEXTQUOTA interface, so we should only test for the GETNEXTQUOTA wrap if *oid is non-null. Otherwise we'll deref a null pointer in the test. This only happens for certain invocations of reporting, which apparently are not covered by any regression tests at this point, at least on new kernels which contain GETNEXTQUOTA. Addresses-Coverity-ID: 1397415 Addresses-Coverity-ID: 1397416 Brown-paper-bag-worn-by: Eric Sandeen <sandeen@redhat.com> Signed-off-by: Eric Sandeen <sandeen@redhat.com> --- -- To unsubscribe from this list: send the line "unsubscribe linux-xfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html