git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Bill Wendling <morbo@google.com>
	Mon, 16 Mar 2026 18:41:58 +0000 (18:41 +0000)
committer	Carlos Maiolino <cem@kernel.org>
	Wed, 18 Mar 2026 08:54:39 +0000 (09:54 +0100)
commit	e5966096d0856d071269cb5928d6bc33342d2dfd
tree	4b1e605f2c772bbd7f55c6da5a2f29f2bc6b40e9	tree \| snapshot
parent	0c98524ab20193d8772cff9c71b00ad004fb1349	commit \| diff

xfs: annotate struct xfs_attr_list_context with __counted_by_ptr

Add the `__counted_by_ptr` attribute to the `buffer` field of `struct
xfs_attr_list_context`. This field is used to point to a buffer of
size `bufsize`.

The `buffer` field is assigned in:
1. `xfs_ioc_attr_list` in `fs/xfs/xfs_handle.c`
2. `xfs_xattr_list` in `fs/xfs/xfs_xattr.c`
3. `xfs_getparents` in `fs/xfs/xfs_handle.c` (implicitly initialized to NULL)

In `xfs_ioc_attr_list`, `buffer` was assigned before `bufsize`. Reorder
them to ensure `bufsize` is set before `buffer` is assigned, although
no access happens between them.

In `xfs_xattr_list`, `buffer` was assigned before `bufsize`. Reorder
them to ensure `bufsize` is set before `buffer` is assigned.

In `xfs_getparents`, `buffer` is NULL (from zero initialization) and
remains NULL. `bufsize` is set to a non-zero value, but since `buffer`
is NULL, no access occurs.

In all cases, the pointer `buffer` is not accessed before `bufsize` is set.

This patch was generated by CodeMender and reviewed by Bill Wendling.
Tested by running xfstests.

Signed-off-by: Bill Wendling <morbo@google.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Darrick J. Wong <djwong@kernel.org>
Signed-off-by: Carlos Maiolino <cem@kernel.org>

fs/xfs/libxfs/xfs_attr.h		diff \| blob \| blame \| history
fs/xfs/xfs_handle.c		diff \| blob \| blame \| history
fs/xfs/xfs_xattr.c		diff \| blob \| blame \| history