[PATCH] fs: ext4: Fix dereferencing the null pointer 'ptr'

Stefan Roese sr at denx.de
Wed Nov 23 09:47:09 CET 2022


On 23.11.22 09:06, Mikhail Ilin wrote:
>   If memory allocation fails on line 780, then 'fail' will be
>   jumped to and 'ptr' will be null, causing it to be dereferenced on line
>   855. Thus, before using 'ptr[i]' one must make sure that the 'ptr' pointer
>   is not NULL.

Nitpicking. You seem to have a leading space in this comment
block. Please remove next time.

> 
> Fixes: 934b14f2bb30 ("ext4: free allocations by parse_path()")
> Signed-off-by: Mikhail Ilin <ilin.mikhail.ol at gmail.com>
> ---
>   fs/ext4/ext4_common.c | 10 ++++++----
>   1 file changed, 6 insertions(+), 4 deletions(-)
> 
> diff --git a/fs/ext4/ext4_common.c b/fs/ext4/ext4_common.c
> index 1185cb2c04..3cdd1a04a9 100644
> --- a/fs/ext4/ext4_common.c
> +++ b/fs/ext4/ext4_common.c
> @@ -851,10 +851,12 @@ end:
>   fail:
>   	free(depth_dirname);
>   	free(parse_dirname);
> -	for (i = 0; i < depth; i++) {
> -		if (!ptr[i])
> -			break;
> -		free(ptr[i]);
> +	if (ptr) {
> +		for (i = 0; i < depth; i++) {
> +			if (!ptr[i])
> +				break;
> +			free(ptr[i]);
> +		}
>   	}
>   	free(ptr);
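
Review bot: In the `fail:` block the extra nesting level can be avoided by putting the NULL check in the loop condition, `for (i = 0; ptr && i < depth; i++)`, which protects the only dereference (`ptr[i]`) and keeps the change to one line. The trailing `free(ptr);` does not itself dereference `ptr`, and in standard C `free(NULL)` is a no-op, the same assumption the unconditional `free(depth_dirname);` and `free(parse_dirname);` just above already rely on. The commit message refers to "line 780" and "line 855"; naming the function and the allocation that can fail would stay accurate after the file changes.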

Won't this fail with ptr == NULL? Please also include the free(ptr) into
the if (ptr) { } part.

Thanks,
Stefan

