Google Git
Sign in
kernel / pub / scm / linux / kernel / git / jeffm / reiserfsprogs / 5f0e56b0ac13b1ef61beaccf65d34545c1f5d263
commit5f0e56b0ac13b1ef61beaccf65d34545c1f5d263[log] [tgz]
authorLucas C. Villa Real <lucasvr@gmail.com>Mon Jan 09 15:43:26 2017 -0200
committerJeff Mahoney <jeffm@suse.com>Mon Jan 09 13:39:43 2017 -0500
tree29ae9d5021182bdf82746fcf718a8da053378761
parent14b57362f75cd5ec72299fe895ba3521b4828011 [diff]
Fixes a NULL pointer dereference caused by reiserfsck. buffer_info_init_bh()
is called with a NULL "tb" argument, but the inline implementation of that
function was not prepared to handle it:

    Core was generated by `/Data/Compile/Sources/reiserfsprogs-3.6.25/fsck/.libs/lt-reiserfsck --fix-fixab'.
    Program terminated with signal SIGSEGV, Segmentation fault.
    #0  0x00007fe0d63ef48d in buffer_info_init_bh (tb=0x0, bi=0x7fff03ad3630, bh=0xb60db0) at ../include/reiserfs_fs.h:1584
    1584        bi->bi_fs    = tb->tb_fs;
    (gdb) bt
    #0  0x00007fe0d63ef48d in buffer_info_init_bh (tb=0x0, bi=0x7fff03ad3630, bh=0xb60db0) at ../include/reiserfs_fs.h:1584
    #1  0x00007fe0d63f21f9 in delete_item (fs=0xb40710, bh=0xb60db0, item_num=0) at lbalance.c:1157
    #2  0x000000000040a3aa in pass0_correct_leaf (fs=0xb40710, bh=0xb60db0) at pass0.c:768
    #3  0x000000000040deab in do_pass_0 (fs=0xb40710) at pass0.c:1928
    #4  0x000000000040f74f in misc_set_bit (nr=4257615, addr=0x7fff03ad3770) at ../include/misc.h:94
    #5  0x0000000000406cb0 in rebuild_tree (fs=0xb40710) at main.c:941
    #6  0x00000000004088ba in misc_set_bit (nr=140733255074915, addr=0x42a630 <__libc_csu_init+64>) at ../include/misc.h:92
    #7  0x00007fe0d5e58291 in __libc_start_main (main=0x4081a4 <main+64>, argc=7, argv=0x7fff03ad38e8, init=<optimized out>, fini=<optimized out>,
        rtld_fini=<optimized out>, stack_end=0x7fff03ad38d8) at ../csu/libc-start.c:289
    #8  0x00000000004048ca in deregister_tm_clones ()
    #9  0x00007fff03ad38d8 in ?? ()
    #10 0x000000000000001c in ?? ()
    #11 0x0000000000000007 in ?? ()
    #12 0x00007fff03ad43ec in ?? ()
    #13 0x00007fff03ad4430 in ?? ()
    #14 0x00007fff03ad443e in ?? ()
    #15 0x00007fff03ad4446 in ?? ()
    #16 0x00007fff03ad444c in ?? ()
    #17 0x00007fff03ad4454 in ?? ()
    #18 0x00007fff03ad4463 in ?? ()
    #19 0x0000000000000000 in ?? ()
    (gdb) up
    #1  0x00007fe0d63f21f9 in delete_item (fs=0xb40710, bh=0xb60db0, item_num=0) at lbalance.c:1157
    1157        buffer_info_init_bh(NULL, &bi, bh);

Signed-off-by: Lucas C. Villa Real <lucasvr@gobolinux.org>
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
1 file changed
tree: 29ae9d5021182bdf82746fcf718a8da053378761
  1. debugreiserfs/
  2. fsck/
  3. include/
  4. lib/
  5. mkreiserfs/
  6. reiserfscore/
  7. resize_reiserfs/
  8. tune/
  9. .gitignore
  10. AUTHORS
  11. ChangeLog
  12. configure.ac
  13. COPYING
  14. CREDITS
  15. Makefile.am
  16. NEWS
  17. README
  18. reiserfsprogs.spec
  19. version.h