This code calls folio_put() on an error pointer which will lead to a
crash. Check for both error pointers and NULL pointers before calling
folio_put().
Fixes: 5eea586b47f0 ("ext4: convert bd_buddy_page to bd_buddy_folio")
Signed-off-by: Dan Carpenter <[email protected]>
---
fs/ext4/mballoc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
index 648989c125f2..9dda9cd68ab2 100644
--- a/fs/ext4/mballoc.c
+++ b/fs/ext4/mballoc.c
@@ -1717,7 +1717,7 @@ ext4_mb_load_buddy_gfp(struct super_block *sb, ext4_group_t group,
return 0;
err:
- if (folio)
+ if (!IS_ERR_OR_NULL(folio))
folio_put(folio);
if (e4b->bd_bitmap_folio)
folio_put(e4b->bd_bitmap_folio);
--
2.43.0
On Fri, 10 May 2024 18:22:53 +0300, Dan Carpenter wrote:
> This code calls folio_put() on an error pointer which will lead to a
> crash. Check for both error pointers and NULL pointers before calling
> folio_put().
>
>
Applied, thanks!
[1/1] ext4: fix error pointer dereference in ext4_mb_load_buddy_gfp()
commit: c6a6c9694aadc4c3ab8d89bdd44aed3eab1e43c6
Best regards,
--
Theodore Ts'o <[email protected]>