commit 2973dfdb877c17b36c27ba66d71028ff1eb2f32e
author Glauber de Oliveira Costa <glommer@br.ibm.com> Sun Oct 30 15:03:05 2005 -0800
committer Linus Torvalds <torvalds@g5.osdl.org> Sun Oct 30 17:37:26 2005 -0800
tree 9734599068f3fcf7cd33f948235588f7a275d193
parent 7f04c26d715a2467a49a2384268de8f70f787b51

[PATCH] Test for sb_getblk return value

This patch adds tests for the return value of sb_getblk() in the ext2/3
filesystems.  In fs/buffer.c it is stated that the getblk() function never
fails.  However, it does can return NULL in some situations due to I/O
errors, which may lead us to NULL pointer dereferences

Signed-off-by: Glauber de Oliveira Costa <glommer@br.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

fs/ext3/inode.c

diff --git a/fs/ext3/inode.c b/fs/ext3/inode.c
index b5da524..5d9b00e 100644
--- a/fs/ext3/inode.c
+++ b/fs/ext3/inode.c
@@ -523,7 +523,6 @@
 			if (!nr)
 				break;
 			branch[n].key = cpu_to_le32(nr);
-			keys = n+1;
 
 			/*
 			 * Get buffer_head for parent block, zero it out
@@ -531,6 +530,9 @@
 			 * parent to disk.  
 			 */
 			bh = sb_getblk(inode->i_sb, parent);
+			if (!bh)
+				break;
+			keys = n+1;
 			branch[n].bh = bh;
 			lock_buffer(bh);
 			BUFFER_TRACE(bh, "call get_create_access");
@@ -864,6 +866,10 @@
 	if (!*errp && buffer_mapped(&dummy)) {
 		struct buffer_head *bh;
 		bh = sb_getblk(inode->i_sb, dummy.b_blocknr);
+		if (!bh) {
+			*errp = -EIO;
+			goto err;
+		}
 		if (buffer_new(&dummy)) {
 			J_ASSERT(create != 0);
 			J_ASSERT(handle != 0);
@@ -896,6 +902,7 @@
 		}
 		return bh;
 	}
+err:
 	return NULL;
 }