projects / GitHub / MotorolaMobilityLLC / kernel-slsi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1e2ee49)
fs/affs/super.c: bugfix / double free
authorFabian Frederick <fabf@skynet.be>
Tue, 6 May 2014 19:50:11 +0000 (12:50 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Tue, 6 May 2014 20:05:00 +0000 (13:05 -0700)
Commit 842a859db26b ("affs: use ->kill_sb() to simplify ->put_super()
and failure exits of ->mount()") adds .kill_sb which frees sbi but
doesn't remove sbi free in case of parse_options error causing double
free+random crash.

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: <stable@vger.kernel.org> [3.14.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/affs/super.c patch | blob | blame | history

diff --git a/fs/affs/super.c b/fs/affs/super.c
index 6d589f28bf9b849bae629cea4d61f7dba60eda2d..895ac7dc9dbf9ef1ab800b713373887ebc17f903 100644 (file)
--- a/fs/affs/super.c
+++ b/fs/affs/super.c
@@ -340,8 +340,6 @@ static int affs_fill_super(struct super_block *sb, void *data, int silent)
                                &blocksize,&sbi->s_prefix,
                                sbi->s_volume, &mount_flags)) {
                printk(KERN_ERR "AFFS: Error parsing options\n");
-               kfree(sbi->s_prefix);
-               kfree(sbi);
                return -EINVAL;
        }
        /* N.B. after this point s_prefix must be released */
Motorola kernel-slsi