authorNamjae Jeon <linkinjeon@kernel.org>2026-04-10 17:49:01 +0300
committerNamjae Jeon <linkinjeon@kernel.org>2026-04-18 05:33:07 +0300
commit545834ac412fb42d41a41442aee7998c1d2dcced (patch)
tree96937f623cca686a4d9391d8ab75896677524f4f
parent8a59a2d84fa3de2b4bbb8759b52e62c9c06d9d32 (diff)
ntfs: fix uninitialized pointer in ntfs_write_mft_block
Smatch reported that the variable rl could be used uninitialized in ntfs_write_mft_block(). After analyzing the code, when vol->cluster_size == NTFS_BLOCK_SIZE (512), it is smaller than folio_size, so rl is guaranteed to be initialized. If vol->cluster_size is larger, the condition to access rl becomes false, so a runtime error is not expected to occur. However, to make the static checker happy, this patch initializes rl to NULL and adds an explicit check before its usage. Reported-by: Dan Carpenter <error27@gmail.com> Reviewed-by: Hyunchul Lee <hyc.lee@gmail.com> Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
-rw-r--r--fs/ntfs/mft.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/ntfs/mft.c b/fs/ntfs/mft.c
index bf028c1aea26..60d64de51d21 100644
--- a/fs/ntfs/mft.c
+++ b/fs/ntfs/mft.c
@@ -2714,7 +2714,7 @@ static int ntfs_write_mft_block(struct folio *folio, struct writeback_control *w
s64 vcn = ntfs_pidx_to_cluster(vol, folio->index);
s64 end_vcn = ntfs_bytes_to_cluster(vol, ni->allocated_size);
unsigned int folio_sz;
- struct runlist_element *rl;
+ struct runlist_element *rl = NULL;
loff_t i_size = i_size_read(vi);
ntfs_debug("Entering for inode 0x%llx, attribute type 0x%x, folio index 0x%lx.",
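Review bot: The new `= NULL` initializer on `rl` carries no comment recording the invariant the commit message relies on, so a reader of the declaration cannot tell whether NULL is a reachable state at the `flush_bio` check. I would add above the declaration something like `/* NULL until assigned later in this function; only consulted when cluster_size == NTFS_BLOCK_SIZE */`. With the `rl &&` guard in the second hunk, a NULL `rl` now falls through silently to the remaining folio_sz conditions, so a violated invariant would change the write size instead of faulting; if that state is truly unexpected, a `WARN_ON_ONCE(!rl)` on that path would surface it (this is inferred, since the code that assigns `rl` is outside the visible hunks). The body of ntfs_write_mft_block starts and ends outside this hunk.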
@@ -2820,7 +2820,7 @@ flush_bio:
if (vol->cluster_size == NTFS_BLOCK_SIZE &&
(mft_record_off ||
- rl->length - (vcn_off - rl->vcn) == 1 ||
+ (rl && rl->length - (vcn_off - rl->vcn) == 1) ||
mft_ofs + NTFS_BLOCK_SIZE >= PAGE_SIZE))
folio_sz = NTFS_BLOCK_SIZE;
else