From patchwork Sat Feb 24 10:34:55 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Chengguang Xu <cgxu519@icloud.com>
X-Patchwork-Id: 10240345
Return-Path: <ceph-devel-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	A0773602DC for <patchwork-ceph-devel@patchwork.kernel.org>;
	Sat, 24 Feb 2018 10:35:17 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 80C78298FE
	for <patchwork-ceph-devel@patchwork.kernel.org>;
	Sat, 24 Feb 2018 10:35:17 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 73CA829BD4; Sat, 24 Feb 2018 10:35:17 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 30458298FE
	for <patchwork-ceph-devel@patchwork.kernel.org>;
	Sat, 24 Feb 2018 10:35:16 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751296AbeBXKfL (ORCPT
	<rfc822;patchwork-ceph-devel@patchwork.kernel.org>);
	Sat, 24 Feb 2018 05:35:11 -0500
Received: from mr11p00im-asmtp002.me.com ([17.110.69.253]:18049 "EHLO
	mr11p00im-asmtp002.me.com" rhost-flags-OK-OK-OK-OK) by
	vger.kernel.org with ESMTP id S1750964AbeBXKfK (ORCPT
	<rfc822; ceph-devel@vger.kernel.org>); Sat, 24 Feb 2018 05:35:10 -0500
Received: from process-dkim-sign-daemon.mr11p00im-asmtp002.me.com by
	mr11p00im-asmtp002.me.com
	(Oracle Communications Messaging Server 8.0.1.2.20170607 64bit (built
	Jun 7 2017)) id <0P4N00800FRAAI00@mr11p00im-asmtp002.me.com> for
	ceph-devel@vger.kernel.org; Sat, 24 Feb 2018 10:35:05 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=icloud.com;
	s=04042017;
	t=1519468505;  bh=yxMKbnOTuT3atqEV0lh7DnbvxOq3G+YVlXSZVvynvQA=;
	h=From:To:Subject:Date:Message-id;
	b=wD6ADzMaPI9Ys6wmz4a4nWULmw0blMpThzSZlUb8ET9Bzrxikwizw727VflDITarN
	eVnHg6ao5kyjRRaaDzWDbEXTFy6AKhZp2dHKSjA4XJzoINnhTu5f8dV0mUn1gQaW+t
	3CHuibYyuB8AQ1noxfEX0IZxJ2gkBvvUBx7ci/+MeJ+iZzMyqD5ZML7RlTIbEr7cH/
	LQE3BBjRprCQrE26qWi00fmf4uXeaKdRA7HRlttxFlXiCIPgUsS20NVDa8PKAlZ0P6
	F68DQz9miKvu2hcB5BVc23Vb2VuJD1cogw+4PWZue83rXsoyCsUPJv6Balm/ffARou
	kTm4LPRKqRbew==
Received: from icloud.com ([127.0.0.1]) by mr11p00im-asmtp002.me.com
	(Oracle Communications Messaging Server 8.0.1.2.20170607 64bit (built
	Jun 7
	2017)) with ESMTPSA id <0P4N004DXHEA4J20@mr11p00im-asmtp002.me.com>;
	Sat, 24 Feb 2018 10:35:03 +0000 (GMT)
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,,
	definitions=2018-02-24_02:,, signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0
	clxscore=1015 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0
	bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1
	engine=8.0.1-1707230000 definitions=main-1802240138
From: Chengguang Xu <cgxu519@icloud.com>
To: zyan@redhat.com, idryomov@gmail.com
Cc: ceph-devel@vger.kernel.org, Chengguang Xu <cgxu519@icloud.com>
Subject: [PATCH] ceph: check return value of ceph_get_cap()
Date: Sat, 24 Feb 2018 18:34:55 +0800
Message-id: <1519468495-67769-1-git-send-email-cgxu519@icloud.com>
X-Mailer: git-send-email 1.8.3.1
Sender: ceph-devel-owner@vger.kernel.org
Precedence: bulk
List-ID: <ceph-devel.vger.kernel.org>
X-Mailing-List: ceph-devel@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

ceph_get_cap() can return NULL, so should check return value carefully
in case of using NULL pointer unexpectedly.

Signed-off-by: Chengguang Xu <cgxu519@icloud.com>
---
Only compile tested.

 fs/ceph/caps.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c
index 6582c45..9ef40ae 100644
--- a/fs/ceph/caps.c
+++ b/fs/ceph/caps.c
@@ -3510,6 +3510,10 @@ static void handle_cap_export(struct inode *inode, struct ceph_mds_caps *ex,
 	} else if (tsession) {
 		/* add placeholder for the export tagert */
 		int flag = (cap == ci->i_auth_cap) ? CEPH_CAP_FLAG_AUTH : 0;
+
+		if (!new_cap)
+			goto out_unlock;
+
 		tcap = new_cap;
 		ceph_add_cap(inode, tsession, t_cap_id, -1, issued, 0,
 			     t_seq - 1, t_mseq, (u64)-1, flag, &new_cap);
@@ -3764,6 +3768,11 @@ void ceph_handle_caps(struct ceph_mds_session *session,
 
 		if (op == CEPH_CAP_OP_IMPORT) {
 			cap = ceph_get_cap(mdsc, NULL);
+			if (!cap) {
+				pr_err("%s: can't get cap\n", __func__);
+				goto bad_cap;
+			}
+
 			cap->cap_ino = vino.ino;
 			cap->queue_release = 1;
 			cap->cap_id = le64_to_cpu(h->cap_id);
@@ -3864,6 +3873,7 @@ void ceph_handle_caps(struct ceph_mds_session *session,
 
 bad:
 	pr_err("ceph_handle_caps: corrupt message\n");
+bad_cap:
 	ceph_msg_dump(msg);
 	return;
 }