From ff14f59410148c57263c2ac8fe1deb75f9ba0a59 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 20 Dec 2016 22:29:01 -0600 Subject: [PATCH] xfs_repair: fix some potential null pointer deferences Fix some potential NULL pointer deferences that Coverity pointed out, and remove a trivial dead integer check. Coverity-id: 1375789, 1375790, 1375791, 1375792 Signed-off-by: Darrick J. Wong Reviewed-by: Christoph Hellwig Signed-off-by: Eric Sandeen --- repair/phase5.c | 2 +- repair/rmap.c | 2 +- repair/slab.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/repair/phase5.c b/repair/phase5.c index 3604d1d9c..cbda55642 100644 --- a/repair/phase5.c +++ b/repair/phase5.c @@ -1925,7 +1925,7 @@ _("Insufficient memory to construct refcount cursor.")); refc_rec = pop_slab_cursor(refc_cur); lptr = &btree_curs->level[0]; - for (i = 0; i < lptr->num_blocks; i++) { + for (i = 0; i < lptr->num_blocks && refc_rec != NULL; i++) { /* * block initialization, lay in block header */ diff --git a/repair/rmap.c b/repair/rmap.c index 45e183ac4..7508973c5 100644 --- a/repair/rmap.c +++ b/repair/rmap.c @@ -790,7 +790,7 @@ compute_refcounts( mark_inode_rl(mp, stack_top); /* Set nbno to the bno of the next refcount change */ - if (n < slab_count(rmaps)) + if (n < slab_count(rmaps) && array_cur) nbno = array_cur->rm_startblock; else nbno = NULLAGBLOCK; diff --git a/repair/slab.h b/repair/slab.h index 4aa551212..a2201f14a 100644 --- a/repair/slab.h +++ b/repair/slab.h @@ -54,7 +54,7 @@ extern void *bag_item(struct xfs_bag *, size_t); #define foreach_bag_ptr_reverse(bag, idx, ptr) \ for ((idx) = bag_count(bag) - 1, (ptr) = bag_item((bag), (idx)); \ - (idx) >= 0 && (ptr) != NULL; \ + (ptr) != NULL; \ (idx)--, (ptr) = bag_item((bag), (idx))) #endif /* SLAB_H_ */ -- 2.47.3