Commit 7959e212 authored by pangliyuan's avatar pangliyuan Committed by Wentao Guan
Browse files

ubifs: skip dumping tnc tree when zroot is null

stable inclusion
from stable-v6.6.76
commit 40e25a3c0063935763717877bb2a814c081509ff
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/IBW08Q

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=40e25a3c0063935763717877bb2a814c081509ff

--------------------------------

[ Upstream commit bdb0ca39e0acccf6771db49c3f94ed787d05f2d7 ]

Clearing slab cache will free all znode in memory and make
c->zroot.znode = NULL, then dumping tnc tree will access
c->zroot.znode which cause null pointer dereference.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=219624#c0


Fixes: 1e51764a ("UBIFS: add new flash file system")
Signed-off-by: default avatarpangliyuan <pangliyuan1@huawei.com>
Reviewed-by: default avatarZhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: default avatarRichard Weinberger <richard@nod.at>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
(cherry picked from commit 40e25a3c0063935763717877bb2a814c081509ff)
Signed-off-by: default avatarWentao Guan <guanwentao@uniontech.com>
parent f97c75c0
Loading
Loading
Loading
Loading
+13 −9
Original line number Diff line number Diff line
@@ -946,6 +946,7 @@ void ubifs_dump_tnc(struct ubifs_info *c)

	pr_err("\n");
	pr_err("(pid %d) start dumping TNC tree\n", current->pid);
	if (c->zroot.znode) {
		znode = ubifs_tnc_levelorder_next(c, c->zroot.znode, NULL);
		level = znode->level;
		pr_err("== Level %d ==\n", level);
@@ -957,6 +958,9 @@ void ubifs_dump_tnc(struct ubifs_info *c)
			ubifs_dump_znode(c, znode);
			znode = ubifs_tnc_levelorder_next(c, c->zroot.znode, znode);
		}
	} else {
		pr_err("empty TNC tree in memory\n");
	}
	pr_err("(pid %d) finish dumping TNC tree\n", current->pid);
}