forked from Minki/linux
ext4: Fix NULL dereference in ext4_ext_migrate()'s error handling
This was found through a code checker (http://repo.or.cz/w/smatch.git/). It looks like you might be able to trigger the error by trying to migrate a readonly file system. Signed-off-by: Dan Carpenter <error27@gmail.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
This commit is contained in:
parent
2acf2c261b
commit
090542641d
@ -481,7 +481,7 @@ int ext4_ext_migrate(struct inode *inode)
|
||||
+ 1);
|
||||
if (IS_ERR(handle)) {
|
||||
retval = PTR_ERR(handle);
|
||||
goto err_out;
|
||||
return retval;
|
||||
}
|
||||
tmp_inode = ext4_new_inode(handle,
|
||||
inode->i_sb->s_root->d_inode,
|
||||
@ -489,8 +489,7 @@ int ext4_ext_migrate(struct inode *inode)
|
||||
if (IS_ERR(tmp_inode)) {
|
||||
retval = -ENOMEM;
|
||||
ext4_journal_stop(handle);
|
||||
tmp_inode = NULL;
|
||||
goto err_out;
|
||||
return retval;
|
||||
}
|
||||
i_size_write(tmp_inode, i_size_read(inode));
|
||||
/*
|
||||
@ -618,8 +617,7 @@ err_out:
|
||||
|
||||
ext4_journal_stop(handle);
|
||||
|
||||
if (tmp_inode)
|
||||
iput(tmp_inode);
|
||||
iput(tmp_inode);
|
||||
|
||||
return retval;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user