From 1c32348d15cf68985e3904b268e5929abc232415 Mon Sep 17 00:00:00 2001 From: green Date: Sat, 11 Aug 2007 22:58:56 +0000 Subject: [PATCH] b=13276 r=wangdi,shadow. Check return value of ll_node_from_inode in ll_file_read and ll_file_sendfile, do not dereference uninitialised lock tree in ll_file_write. --- lustre/llite/file.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/lustre/llite/file.c b/lustre/llite/file.c index 3178517..87f7f1e 100644 --- a/lustre/llite/file.c +++ b/lustre/llite/file.c @@ -1224,6 +1224,10 @@ repeat: } node = ll_node_from_inode(inode, *ppos, end, LCK_PR); + if (IS_ERR(node)){ + GOTO(out, rc = PTR_ERR(node)); + } + tree.lt_fd = LUSTRE_FPRIVATE(file); rc = ll_tree_lock(&tree, node, buf, count, file->f_flags & O_NONBLOCK ? LDLM_FL_BLOCK_NOWAIT :0); @@ -1398,7 +1402,7 @@ repeat: if (*ppos >= maxbytes) { send_sig(SIGXFSZ, current, 0); - GOTO(out, retval = -EFBIG); + GOTO(out_unlock, retval = -EFBIG); } if (*ppos + count > maxbytes) count = maxbytes - *ppos; @@ -1410,9 +1414,10 @@ repeat: retval = generic_file_write(file, buf, chunk, ppos); ll_rw_stats_tally(ll_i2sbi(inode), current->pid, file, count, 1); -out: +out_unlock: ll_tree_unlock(&tree); +out: if (retval > 0) { buf += retval; count -= retval; @@ -1464,6 +1469,9 @@ static ssize_t ll_file_sendfile(struct file *in_file, loff_t *ppos,size_t count, RETURN(generic_file_sendfile(in_file, ppos, count, actor, target)); node = ll_node_from_inode(inode, *ppos, *ppos + count - 1, LCK_PR); + if (IS_ERR(node)) + RETURN(PTR_ERR(node)); + tree.lt_fd = LUSTRE_FPRIVATE(in_file); rc = ll_tree_lock(&tree, node, NULL, count, in_file->f_flags & O_NONBLOCK?LDLM_FL_BLOCK_NOWAIT:0); -- 1.8.3.1