bcachefs: Fix null ptr deref in bch2_backpointer_get_node()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

bch2_btree_iter_peek_node() can return a NULL ptr (when the tree is
shorter than the search depth); handle this with an early return.

Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev>
Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Fixes: https://lore.kernel.org/linux-bcachefs/5fc3c28b-c232-4ec7-b0ac-4ef220ddf976@moroto.mountain/T/
Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev>

Kent Overstreet 2 years ago 03cc1e67 274c2f8f

+5 -5

1 changed file

expand all

bcachefs

backpointers.c

+5 -5

fs/bcachefs/backpointers.c

··· 313 313 bp.level - 1, 314 314 0); 315 315 b = bch2_btree_iter_peek_node(iter); 316 - if (IS_ERR(b)) 316 + if (IS_ERR_OR_NULL(b)) 317 317 goto err; 318 318 319 319 BUG_ON(b->c.level != bp.level - 1); 320 320 321 - if (b && extent_matches_bp(c, bp.btree_id, bp.level, 322 - bkey_i_to_s_c(&b->key), 323 - bucket, bp)) 321 + if (extent_matches_bp(c, bp.btree_id, bp.level, 322 + bkey_i_to_s_c(&b->key), 323 + bucket, bp)) 324 324 return b; 325 325 326 - if (b && btree_node_will_make_reachable(b)) { 326 + if (btree_node_will_make_reachable(b)) { 327 327 b = ERR_PTR(-BCH_ERR_backpointer_to_overwritten_btree_node); 328 328 } else { 329 329 backpointer_not_found(trans, bp_pos, bp, bkey_i_to_s_c(&b->key));