From: Xue jiufei Date: Wed, 24 Jun 2015 23:55:20 +0000 (-0700) Subject: ocfs2: fix NULL pointer dereference in function ocfs2_abort_trigger() X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=74e364ad1b13fd518a0bd4e5aec56d5e8706152f;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git ocfs2: fix NULL pointer dereference in function ocfs2_abort_trigger() ocfs2_abort_trigger() use bh->b_assoc_map to get sb. But there's no function to set bh->b_assoc_map in ocfs2, it will trigger NULL pointer dereference while calling this function. We can get sb from bh->b_bdev->bd_super instead of b_assoc_map. [akpm@linux-foundation.org: update comment, per Joseph] Signed-off-by: joyce.xue Cc: Joseph Qi Cc: Mark Fasheh Cc: Joel Becker Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/fs/ocfs2/journal.c b/fs/ocfs2/journal.c index 72db49c0e2ab..69333bea6a1a 100644 --- a/fs/ocfs2/journal.c +++ b/fs/ocfs2/journal.c @@ -571,9 +571,7 @@ static void ocfs2_abort_trigger(struct jbd2_buffer_trigger_type *triggers, (unsigned long)bh, (unsigned long long)bh->b_blocknr); - /* We aren't guaranteed to have the superblock here - but if we - * don't, it'll just crash. */ - ocfs2_error(bh->b_assoc_map->host->i_sb, + ocfs2_error(bh->b_bdev->bd_super, "JBD2 has aborted our journal, ocfs2 cannot continue\n"); }