ntfs: fix variable dereferenced before check warnings

Detected by Smatch.

lcnalloc.c:736 ntfs_cluster_alloc() error:
  we previously assumed 'rl' could be null (see line 719)

inode.c:3275 ntfs_inode_close() warn:
  variable dereferenced before check 'tmp_nis' (see line 3255)

attrib.c:4952 ntfs_attr_remove() warn:
  variable dereferenced before check 'ni' (see line 4951)

dir.c:1035 ntfs_readdir() error:
  we previously assumed 'private' could be null (see line 850)

Signed-off-by: Hyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>

Author: hclee

fs/ntfs/attrib.c

@@ -4941,31 +4941,27 @@ int ntfs_attr_exist(struct ntfs_inode *ni, const __le32 type, __le16 *name,
 int ntfs_attr_remove(struct ntfs_inode *ni, const __le32 type, __le16 *name,
 		u32 name_len)
 {
-	struct super_block *sb;
 	int err;
 	struct inode *attr_vi;
 	struct ntfs_inode *attr_ni;
 
 	ntfs_debug("Entering\n");
 
-	sb = ni->vol->sb;
-	if (!ni) {
-		ntfs_error(sb, "NULL inode pointer\n");
+	if (!ni)
 		return -EINVAL;
-	}
 
 	attr_vi = ntfs_attr_iget(VFS_I(ni), type, name, name_len);
 	if (IS_ERR(attr_vi)) {
 		err = PTR_ERR(attr_vi);
-		ntfs_error(sb, "Failed to open attribute 0x%02x of inode 0x%llx",
+		ntfs_error(ni->vol->sb, "Failed to open attribute 0x%02x of inode 0x%llx",
 				type, (unsigned long long)ni->mft_no);
 		return err;
 	}
 	attr_ni = NTFS_I(attr_vi);
 
 	err = ntfs_attr_rm(attr_ni);
 	if (err)
-		ntfs_error(sb, "Failed to remove attribute 0x%02x of inode 0x%llx",
+		ntfs_error(ni->vol->sb, "Failed to remove attribute 0x%02x of inode 0x%llx",
 				type, (unsigned long long)ni->mft_no);
 	iput(attr_vi);
 	return err;

fs/ntfs/dir.c

@@ -1032,8 +1032,10 @@ static int ntfs_readdir(struct file *file, struct dir_context *actor)
 	}
 
 	if (err) {
-		private->curr_pos = actor->pos;
-		private->end_in_iterate = true;
+		if (private) {
+			private->curr_pos = actor->pos;
+			private->end_in_iterate = true;
+		}
 		err = 0;
 	}
 	ntfs_index_ctx_put(ictx);

fs/ntfs/inode.c

@@ -3250,8 +3250,10 @@ int ntfs_inode_close(struct ntfs_inode *ni)
 	 * base inode before destroying it.
 	 */
 	base_ni = ni->ext.base_ntfs_ino;
+	tmp_nis = base_ni->ext.extent_ntfs_inos;
+	if (!tmp_nis)
+		goto out;
 	for (i = 0; i < base_ni->nr_extents; ++i) {
-		tmp_nis = base_ni->ext.extent_ntfs_inos;
 		if (tmp_nis[i] != ni)
 			continue;
 		/* Found it. Disconnect. */
@@ -3279,6 +3281,7 @@ int ntfs_inode_close(struct ntfs_inode *ni)
 		break;
 	}
 
+out:
 	if (NInoDirty(ni))
 		ntfs_error(ni->vol->sb, "Releasing dirty inode %llu!\n",
 				ni->mft_no);

fs/ntfs/lcnalloc.c

@@ -732,11 +732,13 @@ switch_to_data1_zone:		search_zone = 2;
 		folio_put(folio);
 	}
 	if (likely(!err)) {
+		if (!rl) {
+			err = -EIO;
+			goto out_restore;
+		}
 		if (is_dealloc == true)
 			ntfs_release_dirty_clusters(vol, rl->length);
 		ntfs_debug("Done.");
-		if (rl == NULL)
-			err = -EIO;
 		goto out_restore;
 	}
 	if (err != -ENOSPC)

fs/ntfs/runlist.c

@@ -1661,7 +1661,7 @@ struct runlist_element *ntfs_rl_insert_range(struct runlist_element *dst_rl, int
 {
 	struct runlist_element *i_rl, *new_rl, *src_rl_origin = src_rl;
 	struct runlist_element dst_rl_split;
-	s64 start_vcn = src_rl[0].vcn;
+	s64 start_vcn;
 	int new_1st_cnt, new_2nd_cnt, new_3rd_cnt, new_cnt;
 
 	if (!dst_rl || !src_rl || !new_rl_cnt)