In hfs_brec_insert() and hfs_brec_update_parent(), hfs_bnode_find()
may return ERR_PTR() on failure, but the result was used without
checking, risking NULL pointer dereference or invalid pointer usage.

Add IS_ERR() checks after these calls and return PTR_ERR()
on error.

Signed-off-by: Haotian Zhang <vulab@iscas.ac.cn>
---
 fs/hfs/brec.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/fs/hfs/brec.c b/fs/hfs/brec.c
index e49a141c87e5..afa1840a4847 100644
--- a/fs/hfs/brec.c
+++ b/fs/hfs/brec.c
@@ -149,6 +149,8 @@ int hfs_brec_insert(struct hfs_find_data *fd, void *entry, int entry_len)
 			new_node->parent = tree->root;
 		}
 		fd->bnode = hfs_bnode_find(tree, new_node->parent);
+		if (IS_ERR(fd->bnode))
+			return PTR_ERR(fd->bnode);
 
 		/* create index data entry */
 		cnid = cpu_to_be32(new_node->this);
@@ -449,6 +451,8 @@ static int hfs_brec_update_parent(struct hfs_find_data *fd)
 			new_node->parent = tree->root;
 		}
 		fd->bnode = hfs_bnode_find(tree, new_node->parent);
+		if (IS_ERR(fd->bnode))
+			return PTR_ERR(fd->bnode);
 		/* create index key and entry */
 		hfs_bnode_read_key(new_node, fd->search_key, 14);
 		cnid = cpu_to_be32(new_node->this);
-- 
2.25.1