jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path

author Jake Daryll Obina <jake.obina@gmail.com>

Thu, 21 Sep 2017 16:00:14 +0000 (00:00 +0800)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Wed, 30 May 2018 05:50:22 +0000 (07:50 +0200)
author Jake Daryll Obina <jake.obina@gmail.com>
Thu, 21 Sep 2017 16:00:14 +0000 (00:00 +0800)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 30 May 2018 05:50:22 +0000 (07:50 +0200)
diff --git a/fs/jffs2/fs.c b/fs/jffs2/fs.c

index 567653f7c0ce2e342c56f155faeab5100f90610a..c9c47d03a690cdd8b0acc2c74e0984920430534d 100644 (file)
--- a/fs/jffs2/fs.c
+++ b/fs/jffs2/fs.c
@@ -361,7 +361,6 @@ error_io:
         ret = -EIO;
  error:
         mutex_unlock(&f->sem);
-       jffs2_do_clear_inode(c, f);
         iget_failed(inode);
         return ERR_PTR(ret);
  }
author	Jake Daryll Obina <jake.obina@gmail.com>
	Thu, 21 Sep 2017 16:00:14 +0000 (00:00 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 30 May 2018 05:50:22 +0000 (07:50 +0200)