Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp5482438imu;
        Mon, 26 Nov 2018 00:45:15 -0800 (PST)
X-Google-Smtp-Source: AFSGD/U3E81i1bHh9j9MF3Eptky5HPO+ZoQm1xID9TOKbQh/WNNWoSu8U9mFVzfdXAONKHzPQ0SY
X-Received: by 2002:a62:7086:: with SMTP id l128mr6797661pfc.68.1543221915151;
        Mon, 26 Nov 2018 00:45:15 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1543221915; cv=none;
        d=google.com; s=arc-20160816;
        b=RxbHojkLAdpYjB/xz4qaD0KBG9RU7S/Tl6MHLO64VIc/1yJs6caFnAqQXfAG+t7BOQ
         jg81ew9xV6/DSaMx0JLJmfssQeeXb83vL7TZjmJ24IAixAnM6CgdwuGIPUgT8aL5Ed2Z
         MYQ8fJ/zO6Evf20TYsOy69M9hXDGGOLd/wYTs1lqRgE2Pu1dCQSrPjuihUiUwUnAoS5Z
         YkDiy6T9VZc6iAwO0G4mH9mHAbGNw+ShS9OJR7HW9hE5gJum2n1D++xGpv+jVj0vDprA
         Hr+cdlQVTGt3RV0yJyzgPNIleQml4FEHSbu+nOUWQWjI5MuAPuBCgdSa3JjZaJ663Liw
         1TUg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:date:subject:cc:to:from
         :dkim-signature;
        bh=mRUPHWAZbqOzpceLysnWh/u7NmcOm2I8CdBzUvVl9WY=;
        b=BIQljOd2o8i9qQPab1dXb9Q/Xu0IVm+jG+UjhWdoWxjPRbmLge70BAbKjJ+gPrP37x
         H3vYZyVbtxOELxBnjbIKtHXGrdWLjWlfW9Ht+B/km432qHxyz0u2cYa5AWGbTcTkCv8y
         a/RMs6gGz7AkzTE3Ysxb3T4VOa2WEwUtnpb2ILlXJf1AnCJK8Q8dj8EU2U+uL4gfTa/l
         untXFniTIasF1cD8j+ZMqts2ZRbz6SBCUIlPk4UWLFgUR5yIdS5qQW0StiV3i9bmj7Xs
         o9CC2rR9UF8qa9TrKCLoM1JTawqPBI999xVEtp8kwnbySaUJyqpEOT4QkNkKnrWRnA7R
         HaDw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@163.com header.s=s110527 header.b="X/0UUI72";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id o3-v6si65818332pld.329.2018.11.26.00.45.00;
        Mon, 26 Nov 2018 00:45:15 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@163.com header.s=s110527 header.b="X/0UUI72";
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1726241AbeKZThf (ORCPT <rfc822;patchstalker@gmail.com>
        + 99 others); Mon, 26 Nov 2018 14:37:35 -0500
Received: from m12-14.163.com ([220.181.12.14]:53139 "EHLO m12-14.163.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726167AbeKZThf (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 26 Nov 2018 14:37:35 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=163.com;
        s=s110527; h=From:Subject:Date:Message-Id; bh=mRUPHWAZbqOzpceLys
        nWh/u7NmcOm2I8CdBzUvVl9WY=; b=X/0UUI72BuOq7LA1cQ3Y/o0hqo4y5gN/vB
        WC6LWpb7EMucZyuUrlo2mDQAiksXWQMl01KNltHxHNjz0UzHfwfEht9piMdsqa+c
        /pV/rYcXeYedf5zGEWIRG3wxH6vW7zZ3LrpJFiSLiuQEDaFDi1sepo7Z4AFeZp27
        53HAtLitA=
Received: from bp.localdomain (unknown [106.120.213.96])
        by smtp10 (Coremail) with SMTP id DsCowADX6QwysvtbCavNBw--.55256S3;
        Mon, 26 Nov 2018 16:43:32 +0800 (CST)
From:   Pan Bian <bianpan2016@163.com>
To:     Bob Peterson <rpeterso@redhat.com>,
        Andreas Gruenbacher <agruenba@redhat.com>
Cc:     Christoph Hellwig <hch@infradead.org>, cluster-devel@redhat.com,
        linux-kernel@vger.kernel.org, Pan Bian <bianpan2016@163.com>
Subject: [PATCH] gfs2: get rid of potential double free
Date:   Mon, 26 Nov 2018 16:43:29 +0800
Message-Id: <1543221809-86560-1-git-send-email-bianpan2016@163.com>
X-Mailer: git-send-email 2.7.4
X-CM-TRANSID: DsCowADX6QwysvtbCavNBw--.55256S3
X-Coremail-Antispam: 1Uf129KBjvdXoW7JF1xZw1xWr1rCF1kAw43Wrg_yoWkWFc_AF
        4DKwn5u34UW3WkXa9xuw45trs3ArWDW3W8CrW8tFy3ArW8K3srGr1DWwn5Cr15ZF47ZrZ5
        trykXFyjkr1SgjkaLaAFLSUrUUUUUb8apTn2vfkv8UJUUUU8Yxn0WfASr-VFAUDa7-sFnT
        9fnUUvcSsGvfC2KfnxnUUI43ZEXa7IUnFeHDUUUUU==
X-Originating-IP: [106.120.213.96]
X-CM-SenderInfo: held01tdqsiiqw6rljoofrz/1tbiVAkLclUMGKWupAAAsK
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

__gfs2_set_acl will not increase the reference count of acl if it fails.
In this case, posix_acl_release are called twice, one after
__gfs2_set_acl and one in the error handling block. This patch does not
release acl when __gfs2_set_acl fails.

Fixes: e01580bf9e4("gfs2: use generic posix ACL infrastructure")
Signed-off-by: Pan Bian <bianpan2016@163.com>
---
 fs/gfs2/inode.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c
index 648f0ca..3a9041c 100644
--- a/fs/gfs2/inode.c
+++ b/fs/gfs2/inode.c
@@ -744,12 +744,13 @@ static int gfs2_create_inode(struct inode *dir, struct dentry *dentry,
 			       the gfs2 structures. */
 	if (default_acl) {
 		error = __gfs2_set_acl(inode, default_acl, ACL_TYPE_DEFAULT);
-		posix_acl_release(default_acl);
+		if (!error)
+			posix_acl_release(default_acl);
 	}
-	if (acl) {
+	if (acl && !error) {
+		error = __gfs2_set_acl(inode, acl, ACL_TYPE_ACCESS);
 		if (!error)
-			error = __gfs2_set_acl(inode, acl, ACL_TYPE_ACCESS);
-		posix_acl_release(acl);
+			posix_acl_release(acl);
 	}
 
 	if (error)
-- 
2.7.4