From ac4d6888b21a8be373f3e06f1d4011fbe2bbbeac Mon Sep 17 00:00:00 2001
From: Chandra Seetharaman <sekharan@us.ibm.com>
Date: Wed, 3 Aug 2011 02:18:29 +0000
Subject: [PATCH] xfs: Check the return value of xfs_buf_read() for NULL

Check the return value of xfs_buf_read() for NULL and return ENOMEM
if it is NULL.  This is necessary in a few spots to avoid subsequent
code blindly dereferencing the null buffer pointer.

Signed-off-by: Chandra Seetharaman <sekharan@us.ibm.com>
Signed-off-by: Alex Elder <aelder@sgi.com>
---
 fs/xfs/xfs_log_recover.c | 6 ++++++
 fs/xfs/xfs_vnodeops.c    | 2 ++
 2 files changed, 8 insertions(+)

diff --git a/fs/xfs/xfs_log_recover.c b/fs/xfs/xfs_log_recover.c
index 1076b7effcdc63..b9afff8a1be2c1 100644
--- a/fs/xfs/xfs_log_recover.c
+++ b/fs/xfs/xfs_log_recover.c
@@ -2131,6 +2131,8 @@ xlog_recover_buffer_pass2(
 
 	bp = xfs_buf_read(mp->m_ddev_targp, buf_f->blf_blkno, buf_f->blf_len,
 			  buf_flags);
+	if (!bp)
+		return XFS_ERROR(ENOMEM);
 	error = xfs_buf_geterror(bp);
 	if (error) {
 		xfs_ioerror_alert("xlog_recover_do..(read#1)", mp,
@@ -2222,6 +2224,10 @@ xlog_recover_inode_pass2(
 
 	bp = xfs_buf_read(mp->m_ddev_targp, in_f->ilf_blkno, in_f->ilf_len,
 			  XBF_LOCK);
+	if (!bp) {
+		error = ENOMEM;
+		goto error;
+	}
 	error = xfs_buf_geterror(bp);
 	if (error) {
 		xfs_ioerror_alert("xlog_recover_do..(read#2)", mp,
diff --git a/fs/xfs/xfs_vnodeops.c b/fs/xfs/xfs_vnodeops.c
index dd05360ad56fb9..2a432d00d4c1b4 100644
--- a/fs/xfs/xfs_vnodeops.c
+++ b/fs/xfs/xfs_vnodeops.c
@@ -83,6 +83,8 @@ xfs_readlink_bmap(
 
 		bp = xfs_buf_read(mp->m_ddev_targp, d, BTOBB(byte_cnt),
 				  XBF_LOCK | XBF_MAPPED | XBF_DONT_BLOCK);
+		if (!bp)
+			return XFS_ERROR(ENOMEM);
 		error = xfs_buf_geterror(bp);
 		if (error) {
 			xfs_ioerror_alert("xfs_readlink",
-- 
GitLab