You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nuttx.apache.org by xi...@apache.org on 2021/07/26 06:01:49 UTC

[incubator-nuttx] branch master updated: fs/inode: add sanity check for inode to avoid nullpointer

This is an automated email from the ASF dual-hosted git repository.

xiaoxiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx.git


The following commit(s) were added to refs/heads/master by this push:
     new 11faf0c  fs/inode: add sanity check for inode to avoid nullpointer
11faf0c is described below

commit 11faf0cb20c9a9b26d428fb1dcafaee2f1247dd1
Author: Jiuzhu Dong <do...@xiaomi.com>
AuthorDate: Fri Jul 23 17:30:05 2021 +0800

    fs/inode: add sanity check for inode to avoid nullpointer
    
    Change-Id: Ib2c74ba308b8f15756fac4e69632c296243eb4ab
    Signed-off-by: Jiuzhu Dong <do...@xiaomi.com>
---
 fs/socket/socket.c       | 3 ++-
 fs/vfs/fs_epoll.c        | 2 +-
 fs/vfs/fs_fstat.c        | 8 +++++++-
 sched/mqueue/mq_notify.c | 4 ++--
 4 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/fs/socket/socket.c b/fs/socket/socket.c
index a07c11c..b2edba9 100644
--- a/fs/socket/socket.c
+++ b/fs/socket/socket.c
@@ -189,7 +189,8 @@ int sockfd_allocate(FAR struct socket *psock, int oflags)
 
 FAR struct socket *file_socket(FAR struct file *filep)
 {
-  if (filep != NULL && INODE_IS_SOCKET(filep->f_inode))
+  if (filep != NULL && filep->f_inode != NULL &&
+      INODE_IS_SOCKET(filep->f_inode))
     {
       return filep->f_priv;
     }
diff --git a/fs/vfs/fs_epoll.c b/fs/vfs/fs_epoll.c
index 1375062..b3cc3d7 100644
--- a/fs/vfs/fs_epoll.c
+++ b/fs/vfs/fs_epoll.c
@@ -106,7 +106,7 @@ static FAR struct epoll_head *epoll_head_from_fd(int fd)
 
   /* Check fd come from us */
 
-  if (filep->f_inode->u.i_ops != &g_epoll_ops)
+  if (!filep->f_inode || filep->f_inode->u.i_ops != &g_epoll_ops)
     {
       set_errno(EBADF);
       return NULL;
diff --git a/fs/vfs/fs_fstat.c b/fs/vfs/fs_fstat.c
index dbf4cbc..c0d17dd 100644
--- a/fs/vfs/fs_fstat.c
+++ b/fs/vfs/fs_fstat.c
@@ -169,7 +169,13 @@ int file_fstat(FAR struct file *filep, FAR struct stat *buf)
   /* Get the inode from the file structure */
 
   inode = filep->f_inode;
-  DEBUGASSERT(inode != NULL);
+
+  /* Was this file opened ? */
+
+  if (!inode)
+    {
+      return -EBADF;
+    }
 
   /* The way we handle the stat depends on the type of inode that we
    * are dealing with.
diff --git a/sched/mqueue/mq_notify.c b/sched/mqueue/mq_notify.c
index 21c0170..fb0d245 100644
--- a/sched/mqueue/mq_notify.c
+++ b/sched/mqueue/mq_notify.c
@@ -106,11 +106,10 @@ int mq_notify(mqd_t mqdes, FAR const struct sigevent *notification)
     }
 
   inode = filep->f_inode;
-  msgq  = inode->i_private;
 
   /* Was a valid message queue descriptor provided? */
 
-  if (!msgq)
+  if (!inode || !inode->i_private)
     {
       /* No.. return EBADF */
 
@@ -128,6 +127,7 @@ int mq_notify(mqd_t mqdes, FAR const struct sigevent *notification)
 
   /* Is there already a notification attached */
 
+  msgq = inode->i_private;
   if (msgq->ntpid == INVALID_PROCESS_ID)
     {
       /* No... Have we been asked to establish one? */