diff options
| author |   Ye Bin <yebin10@huawei.com> | 2022-09-14 18:08:59 +0800 |
|---|---|---|
| committer |   Theodore Ts'o <tytso@mit.edu> | 2022-09-30 23:46:52 -0400 |
| commit | ccbf8eeb39f2ff00b54726a2b20b35d788c4ecb5 (patch) | |
| tree | e786cfd4abac7b6c963235062929c8c311e392d2 /fs/ext4 | |
| parent | jbd2: fix potential use-after-free in jbd2_fc_wait_bufs (diff) | |
| download | linux-dev-ccbf8eeb39f2ff00b54726a2b20b35d788c4ecb5.tar.xz linux-dev-ccbf8eeb39f2ff00b54726a2b20b35d788c4ecb5.zip | |
ext4: fix miss release buffer head in ext4_fc_write_inode
In 'ext4_fc_write_inode' function first call 'ext4_get_inode_loc' get 'iloc',
after use it miss release 'iloc.bh'.
So just release 'iloc.bh' before 'ext4_fc_write_inode' return.
Cc: stable@kernel.org
Signed-off-by: Ye Bin <yebin10@huawei.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20220914100859.1415196-1-yebin10@huawei.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Diffstat (limited to 'fs/ext4')
| -rw-r--r-- | fs/ext4/fast_commit.c | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/fs/ext4/fast_commit.c b/fs/ext4/fast_commit.c index 2af962cbb835..b7414a5812f6 100644 --- a/fs/ext4/fast_commit.c +++ b/fs/ext4/fast_commit.c @@ -874,22 +874,25 @@ static int ext4_fc_write_inode(struct inode *inode, u32 *crc) tl.fc_tag = cpu_to_le16(EXT4_FC_TAG_INODE); tl.fc_len = cpu_to_le16(inode_len + sizeof(fc_inode.fc_ino)); + ret = -ECANCELED; dst = ext4_fc_reserve_space(inode->i_sb, sizeof(tl) + inode_len + sizeof(fc_inode.fc_ino), crc); if (!dst) - return -ECANCELED; + goto err; if (!ext4_fc_memcpy(inode->i_sb, dst, &tl, sizeof(tl), crc)) - return -ECANCELED; + goto err; dst += sizeof(tl); if (!ext4_fc_memcpy(inode->i_sb, dst, &fc_inode, sizeof(fc_inode), crc)) - return -ECANCELED; + goto err; dst += sizeof(fc_inode); if (!ext4_fc_memcpy(inode->i_sb, dst, (u8 *)ext4_raw_inode(&iloc), inode_len, crc)) - return -ECANCELED; - - return 0; + goto err; + ret = 0; +err: + brelse(iloc.bh); + return ret; } /* |