Message ID | 20250402034529.12642-1-hexiaole1994@126.com (mailing list archive) |
---|---|
State | New |
Series | [v1] fs/super.c: Add NULL check for type in iterate_supers_type |

On Wed, 2025-04-02 at 11:45 +0800, Xiaole He wrote:
> The first several lines of iterate_supers_type are below:
>
> 1 void iterate_supers_type(struct file_system_type *type,
> 2         void (*f)(struct super_block *, void *), void *arg)
> 3 {
> 4         struct super_block *sb, *p = NULL;
> 5
> 6         spin_lock(&sb_lock);
> 7         hlist_for_each_entry(sb, &type->fs_supers, s_instances) {
> 8         ...
> 9 }
>
> The iterate_supers_type is an exported symbol, and if
> iterate_supers_type is called with type of NULL, then there will be a
> NULL pointer dereference of argument type in line 7.

filesystem_type is an argument to alloc_super, which the filesystems
code always fills in. If a filesystem passed a NULL type to the
context, the initialization code would crash on a NULL deref (iterating
type->fs_supers) which makes what you're checking for here an
impossible condition, doesn't it?

Regards,

James

diff --git a/fs/super.c b/fs/super.c index 5a7db4a556e3..105a275b8360 100644 --- a/fs/super.c +++ b/fs/super.c @@ -959,6 +959,8 @@ void iterate_supers_type(struct file_system_type *type, { struct super_block *sb, *p = NULL; + if (unlikely(ZERO_OR_NULL_PTR(type))) + return; spin_lock(&sb_lock); hlist_for_each_entry(sb, &type->fs_supers, s_instances) { bool locked;
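
Review bot: the added check at the top of iterate_supers_type() uses ZERO_OR_NULL_PTR(type), which is the slab helper for testing a kmalloc() result against both NULL and ZERO_SIZE_PTR. type is a struct file_system_type pointer passed in by the caller, not an allocation result, so a plain "if (!type)" is the check the commit message actually describes. The early return is also silent: a caller that passes NULL has a bug, and returning without a trace hides it, so if the guard is kept, "if (WARN_ON_ONCE(!type)) return;" would make the bad caller visible. The commit message does not name a caller that can reach this function with a NULL type; citing one would justify adding a branch ahead of spin_lock(&sb_lock).
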
The first several lines of iterate_supers_type are below:

1 void iterate_supers_type(struct file_system_type *type,
2         void (*f)(struct super_block *, void *), void *arg)
3 {
4         struct super_block *sb, *p = NULL;
5
6         spin_lock(&sb_lock);
7         hlist_for_each_entry(sb, &type->fs_supers, s_instances) {
8         ...
9 }

The iterate_supers_type is an exported symbol, and if
iterate_supers_type is called with type of NULL, then there will be a
NULL pointer dereference of argument type in line 7.

This patch fixes the above problem by adding a NULL pointer check for
argument type.

Signed-off-by: Xiaole He <hexiaole1994@126.com>
---
 fs/super.c | 2 ++
 1 file changed, 2 insertions(+)