btrfs: handle error of get_old_root

In btrfs_search_old_slot get_old_root is always used with the assumption
it cannot fail. However, this is not true in rare circumstance it can
fail and return null. This will lead to null point dereference when the
header is read. Fix this by checking the return value and properly
handling NULL by setting ret to -EIO and returning gracefully.

Coverity-id: 1087503
Signed-off-by: Nikolay Borisov <nborisov@suse.com>
Reviewed-by: Lu Fengqi <lufq.fnst@cn.fujitsu.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>

diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c
index 6178fadf80a1e6c11d2e8406f0bcce95cb4d9f98..0a6c645fab0ac374f401192352fc95ffd65aa544 100644 (file)
--- a/fs/btrfs/ctree.c
+++ b/fs/btrfs/ctree.c
@@ -2960,6 +2960,10 @@ int btrfs_search_old_slot(struct btrfs_root *root, const struct btrfs_key *key,
 
 again:
        b = get_old_root(root, time_seq);
+       if (!b) {
+               ret = -EIO;
+               goto done;
+       }
        level = btrfs_header_level(b);
        p->locks[level] = BTRFS_READ_LOCK;