From: Jan Kara Date: Tue, 4 Mar 2008 22:28:33 +0000 (-0800) Subject: vfs: fix NULL pointer dereference in fsync_buffers_list() X-Git-Tag: firefly_0821_release~22175 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=e3892296de632e3f9299d9fabe0c746740004891;p=firefly-linux-kernel-4.4.55.git vfs: fix NULL pointer dereference in fsync_buffers_list() Fix NULL pointer dereference in fsync_buffers_list() introduced by recent fix of races in private_list handling. Since bh->b_assoc_map has been cleared in __remove_assoc_queue() we should really use original value stored in the 'mapping' variable. Signed-off-by: Jan Kara Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/fs/buffer.c b/fs/buffer.c index 897cd7477b34..ddfdd2c80bf9 100644 --- a/fs/buffer.c +++ b/fs/buffer.c @@ -835,7 +835,7 @@ static int fsync_buffers_list(spinlock_t *lock, struct list_head *list) smp_mb(); if (buffer_dirty(bh)) { list_add(&bh->b_assoc_buffers, - &bh->b_assoc_map->private_list); + &mapping->private_list); bh->b_assoc_map = mapping; } spin_unlock(lock);