On Oct 23, 2024, at 15:21, Piotr Zalewski <[email protected]> wrote:
>
> Add NULL check for key returned from bch2_btree_and_journal_iter_peek in
> btree_node_iter_and_journal_peek to avoid NULL ptr dereference in
> bch2_bkey_buf_reassemble.

It would be helpful if the commit message explained why k.k is null in this case > > Reported-by: [email protected] > Closes: https://syzkaller.appspot.com/bug?extid=005ef9aa519f30d97657 > Fixes: 5222a4607cd8 ("bcachefs: BTREE_ITER_WITH_JOURNAL") > Signed-off-by: Piotr Zalewski <[email protected]> > --- > fs/bcachefs/btree_iter.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/fs/bcachefs/btree_iter.c b/fs/bcachefs/btree_iter.c > index 0883cf6e1a3e..625167ce191f 100644 > --- a/fs/bcachefs/btree_iter.c > +++ b/fs/bcachefs/btree_iter.c > @@ -882,6 +882,8 @@ static noinline int > btree_node_iter_and_journal_peek(struct btree_trans *trans, > __bch2_btree_and_journal_iter_init_node_iter(trans, &jiter, l->b, l->iter, > path->pos); > > k = bch2_btree_and_journal_iter_peek(&jiter); > + if (!k.k) > + goto err; > > bch2_bkey_buf_reassemble(out, c, k); > > @@ -889,6 +891,7 @@ static noinline int > btree_node_iter_and_journal_peek(struct btree_trans *trans, > c->opts.btree_node_prefetch) > ret = btree_path_prefetch_j(trans, path, &jiter); > > +err: > bch2_btree_and_journal_iter_exit(&jiter); > return ret; > } > -- > 2.47.0 > > >
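
Review bot: In the first hunk, the new `if (!k.k) goto err;` jumps past bch2_bkey_buf_reassemble(out, c, k) without assigning ret, and the value ret holds at that point is not visible in the hunk. If it is still 0, btree_node_iter_and_journal_peek returns success while out was never filled, so the caller has no way to tell the NULL-key case from a normal peek. Consider setting ret to an error code before the goto, or explain in the commit message why returning with out untouched is safe for the caller.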
