From 9b5546c37ab020039f06855eae28fbd56adb096b Mon Sep 17 00:00:00 2001
From: Qu Wenruo <wqu@suse.com>
Date: Sat, 31 Oct 2020 09:07:49 +0800
Subject: [PATCH] fs: btrfs: inode: handle uninitialized type before returning
 it
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

In btrfs_lookup_path() the local variable @type should always be updated
after we hit any file/dir.

But if @filename is NULL from the very beginning, then we don't
initialize it and return it directly.

To prevent such problem from happening, we initialize @type to
BTRFS_FT_UNKNOWN.
For normal execution route, it will get updated for each filename we
resolved.
Buf if we didn't find any path, we check if the type is still FT_UNKNOWN
and ret == 0. If true we know there is something wrong, just return
-EUCLEAN to inform the caller.

Reported-by: Coverity CID 312958
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
---
 fs/btrfs/inode.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c
index ff330280e0..019d532a1a 100644
--- a/fs/btrfs/inode.c
+++ b/fs/btrfs/inode.c
@@ -251,7 +251,7 @@ int btrfs_lookup_path(struct btrfs_root *root, u64 ino, const char *filename,
 	const char *cur = filename;
 	u64 next_ino;
 	u8 next_type;
-	u8 type;
+	u8 type = BTRFS_FT_UNKNOWN;
 	int len;
 	int ret = 0;
 
@@ -335,6 +335,10 @@ next:
 		cur += len;
 	}
 
+	/* We haven't found anything, but still get no error? */
+	if (type == BTRFS_FT_UNKNOWN && !ret)
+		ret = -EUCLEAN;
+
 	if (!ret) {
 		*root_ret = root;
 		*ino_ret = ino;
-- 
2.39.5