Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754450AbcKYJLf (ORCPT ); Fri, 25 Nov 2016 04:11:35 -0500 Received: from mx2.suse.de ([195.135.220.15]:45240 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751221AbcKYIas (ORCPT ); Fri, 25 Nov 2016 03:30:48 -0500 X-Amavis-Alert: BAD HEADER SECTION, Duplicate header field: "References" From: Jiri Slaby To: stable@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Richard Weinberger , Jiri Slaby Subject: [PATCH 3.12 008/127] UBIFS: Fix possible memory leak in ubifs_readdir() Date: Fri, 25 Nov 2016 09:28:41 +0100 Message-Id: X-Mailer: git-send-email 2.10.2 In-Reply-To: References: In-Reply-To: References: Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1071 Lines: 41 From: Richard Weinberger 3.12-stable review patch. If anyone has any objections, please let me know. =============== commit aeeb14f763917ccf639a602cfbeee6957fd944a2 upstream. If ubifs_tnc_next_ent() returns something else than -ENOENT we leak file->private_data. Signed-off-by: Richard Weinberger Reviewed-by: David Gstir Signed-off-by: Jiri Slaby --- fs/ubifs/dir.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c index 6b4947f75af7..9bd17a857667 100644 --- a/fs/ubifs/dir.c +++ b/fs/ubifs/dir.c @@ -447,13 +447,14 @@ static int ubifs_readdir(struct file *file, struct dir_context *ctx) } out: + kfree(file->private_data); + file->private_data = NULL; + if (err != -ENOENT) { ubifs_err("cannot find next direntry, error %d", err); return err; } - kfree(file->private_data); - file->private_data = NULL; /* 2 is a special value indicating that there are no more direntries */ ctx->pos = 2; return 0; -- 2.10.2