[PATCH v6 08/24] netfs: Fix potential uninitialised var in netfs_extract_user_iter()
CharSyam
charsyam at gmail.com
Tue May 12 06:07:51 PDT 2026
Hi, David.
It looks like ret does not need to be initialized to 0, because it is
only used after being assigned the
return value of iov_iter_extract_pages(). In the zero-length case, the
loop is skipped and ret is not used at all.
What do you think?
Thanks
DaeMyung
2026년 5월 12일 (화) 오후 9:43, David Howells <dhowells at redhat.com>님이 작성:
>
> In netfs_extract_user_iter(), if it's given a zero-length iterator, it will
> fall through the loop without setting ret, and so the error handling
> behaviour will be undefined, depending on whether ret happens to be
> negative. The value of ret then propagates back up the callstack.
>
> Fix this by presetting ret to 0.
>
> Fixes: 85dd2c8ff368 ("netfs: Add a function to extract a UBUF or IOVEC into a BVEC iterator")
> Closes: https://sashiko.dev/#/patchset/20260414082004.3756080-1-dhowells%40redhat.com
> Signed-off-by: David Howells <dhowells at redhat.com>
> cc: Paulo Alcantara <pc at manguebit.org>
> cc: Matthew Wilcox <willy at infradead.org>
> cc: netfs at lists.linux.dev
> cc: linux-fsdevel at vger.kernel.org
> ---
> fs/netfs/iterator.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/netfs/iterator.c b/fs/netfs/iterator.c
> index 154a14bb2d7f..6903028b7162 100644
> --- a/fs/netfs/iterator.c
> +++ b/fs/netfs/iterator.c
> @@ -43,7 +43,7 @@ ssize_t netfs_extract_user_iter(struct iov_iter *orig, size_t orig_len,
> unsigned int max_pages;
> unsigned int npages = 0;
> unsigned int i;
> - ssize_t ret;
> + ssize_t ret = 0;
> size_t count = orig_len, offset, len;
> size_t bv_size, pg_size;
>
>
>
More information about the linux-afs
mailing list