* [PATCH] nfsd4: fix double free in nfsd4_do_async_copy()
@ 2020-01-13 13:23 ` Dan Carpenter
0 siblings, 0 replies; 6+ messages in thread
From: Dan Carpenter @ 2020-01-13 13:23 UTC (permalink / raw)
To: J. Bruce Fields, Olga Kornievskaia
Cc: Chuck Lever, linux-nfs, kernel-janitors
This frees "copy->nf_src" before and again after the goto.
Fixes: ce0887ac96d3 ("NFSD add nfs4 inter ssc to nfsd4_copy")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
---
fs/nfsd/nfs4proc.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
index 1e14b3ed5674..c90c24c35b2e 100644
--- a/fs/nfsd/nfs4proc.c
+++ b/fs/nfsd/nfs4proc.c
@@ -1469,7 +1469,6 @@ static int nfsd4_do_async_copy(void *data)
copy->nf_src->nf_file = nfs42_ssc_open(copy->ss_mnt, ©->c_fh,
©->stateid);
if (IS_ERR(copy->nf_src->nf_file)) {
- kfree(copy->nf_src);
copy->nfserr = nfserr_offload_denied;
nfsd4_interssc_disconnect(copy->ss_mnt);
goto do_callback;
--
2.11.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH] nfsd4: fix double free in nfsd4_do_async_copy()
@ 2020-01-13 13:23 ` Dan Carpenter
0 siblings, 0 replies; 6+ messages in thread
From: Dan Carpenter @ 2020-01-13 13:23 UTC (permalink / raw)
To: J. Bruce Fields, Olga Kornievskaia
Cc: Chuck Lever, linux-nfs, kernel-janitors
This frees "copy->nf_src" before and again after the goto.
Fixes: ce0887ac96d3 ("NFSD add nfs4 inter ssc to nfsd4_copy")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
---
fs/nfsd/nfs4proc.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
index 1e14b3ed5674..c90c24c35b2e 100644
--- a/fs/nfsd/nfs4proc.c
+++ b/fs/nfsd/nfs4proc.c
@@ -1469,7 +1469,6 @@ static int nfsd4_do_async_copy(void *data)
copy->nf_src->nf_file = nfs42_ssc_open(copy->ss_mnt, ©->c_fh,
©->stateid);
if (IS_ERR(copy->nf_src->nf_file)) {
- kfree(copy->nf_src);
copy->nfserr = nfserr_offload_denied;
nfsd4_interssc_disconnect(copy->ss_mnt);
goto do_callback;
--
2.11.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] nfsd4: fix double free in nfsd4_do_async_copy()
2020-01-13 13:23 ` Dan Carpenter
@ 2020-01-21 21:56 ` Olga Kornievskaia
-1 siblings, 0 replies; 6+ messages in thread
From: Olga Kornievskaia @ 2020-01-21 21:56 UTC (permalink / raw)
To: Dan Carpenter, J. Bruce Fields
Cc: Olga Kornievskaia, Chuck Lever, linux-nfs, kernel-janitors
On Mon, Jan 13, 2020 at 8:24 AM Dan Carpenter <dan.carpenter@oracle.com> wrote:
>
> This frees "copy->nf_src" before and again after the goto.
>
> Fixes: ce0887ac96d3 ("NFSD add nfs4 inter ssc to nfsd4_copy")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> ---
> fs/nfsd/nfs4proc.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
> index 1e14b3ed5674..c90c24c35b2e 100644
> --- a/fs/nfsd/nfs4proc.c
> +++ b/fs/nfsd/nfs4proc.c
> @@ -1469,7 +1469,6 @@ static int nfsd4_do_async_copy(void *data)
> copy->nf_src->nf_file = nfs42_ssc_open(copy->ss_mnt, ©->c_fh,
> ©->stateid);
> if (IS_ERR(copy->nf_src->nf_file)) {
> - kfree(copy->nf_src);
> copy->nfserr = nfserr_offload_denied;
> nfsd4_interssc_disconnect(copy->ss_mnt);
> goto do_callback;
> --
> 2.11.0
>
Reviewed-by: Olga Kornievskaia <kolga@netapp.com>
Bruce, can you add this to your nfsd-next?
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] nfsd4: fix double free in nfsd4_do_async_copy()
@ 2020-01-21 21:56 ` Olga Kornievskaia
0 siblings, 0 replies; 6+ messages in thread
From: Olga Kornievskaia @ 2020-01-21 21:56 UTC (permalink / raw)
To: Dan Carpenter, J. Bruce Fields
Cc: Olga Kornievskaia, Chuck Lever, linux-nfs, kernel-janitors
On Mon, Jan 13, 2020 at 8:24 AM Dan Carpenter <dan.carpenter@oracle.com> wrote:
>
> This frees "copy->nf_src" before and again after the goto.
>
> Fixes: ce0887ac96d3 ("NFSD add nfs4 inter ssc to nfsd4_copy")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> ---
> fs/nfsd/nfs4proc.c | 1 -
> 1 file changed, 1 deletion(-)
>
> diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
> index 1e14b3ed5674..c90c24c35b2e 100644
> --- a/fs/nfsd/nfs4proc.c
> +++ b/fs/nfsd/nfs4proc.c
> @@ -1469,7 +1469,6 @@ static int nfsd4_do_async_copy(void *data)
> copy->nf_src->nf_file = nfs42_ssc_open(copy->ss_mnt, ©->c_fh,
> ©->stateid);
> if (IS_ERR(copy->nf_src->nf_file)) {
> - kfree(copy->nf_src);
> copy->nfserr = nfserr_offload_denied;
> nfsd4_interssc_disconnect(copy->ss_mnt);
> goto do_callback;
> --
> 2.11.0
>
Reviewed-by: Olga Kornievskaia <kolga@netapp.com>
Bruce, can you add this to your nfsd-next?
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] nfsd4: fix double free in nfsd4_do_async_copy()
2020-01-21 21:56 ` Olga Kornievskaia
@ 2020-01-30 14:56 ` J. Bruce Fields
-1 siblings, 0 replies; 6+ messages in thread
From: J. Bruce Fields @ 2020-01-30 14:56 UTC (permalink / raw)
To: Olga Kornievskaia
Cc: Dan Carpenter, J. Bruce Fields, Olga Kornievskaia, Chuck Lever,
linux-nfs, kernel-janitors
On Tue, Jan 21, 2020 at 04:56:31PM -0500, Olga Kornievskaia wrote:
> On Mon, Jan 13, 2020 at 8:24 AM Dan Carpenter <dan.carpenter@oracle.com> wrote:
> >
> > This frees "copy->nf_src" before and again after the goto.
> >
> > Fixes: ce0887ac96d3 ("NFSD add nfs4 inter ssc to nfsd4_copy")
> > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> > ---
> > fs/nfsd/nfs4proc.c | 1 -
> > 1 file changed, 1 deletion(-)
> >
> > diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
> > index 1e14b3ed5674..c90c24c35b2e 100644
> > --- a/fs/nfsd/nfs4proc.c
> > +++ b/fs/nfsd/nfs4proc.c
> > @@ -1469,7 +1469,6 @@ static int nfsd4_do_async_copy(void *data)
> > copy->nf_src->nf_file = nfs42_ssc_open(copy->ss_mnt, ©->c_fh,
> > ©->stateid);
> > if (IS_ERR(copy->nf_src->nf_file)) {
> > - kfree(copy->nf_src);
> > copy->nfserr = nfserr_offload_denied;
> > nfsd4_interssc_disconnect(copy->ss_mnt);
> > goto do_callback;
> > --
> > 2.11.0
> >
>
> Reviewed-by: Olga Kornievskaia <kolga@netapp.com>
>
> Bruce, can you add this to your nfsd-next?
Done, thanks for the reminder.
--b.
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] nfsd4: fix double free in nfsd4_do_async_copy()
@ 2020-01-30 14:56 ` J. Bruce Fields
0 siblings, 0 replies; 6+ messages in thread
From: J. Bruce Fields @ 2020-01-30 14:56 UTC (permalink / raw)
To: Olga Kornievskaia
Cc: Dan Carpenter, J. Bruce Fields, Olga Kornievskaia, Chuck Lever,
linux-nfs, kernel-janitors
On Tue, Jan 21, 2020 at 04:56:31PM -0500, Olga Kornievskaia wrote:
> On Mon, Jan 13, 2020 at 8:24 AM Dan Carpenter <dan.carpenter@oracle.com> wrote:
> >
> > This frees "copy->nf_src" before and again after the goto.
> >
> > Fixes: ce0887ac96d3 ("NFSD add nfs4 inter ssc to nfsd4_copy")
> > Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> > ---
> > fs/nfsd/nfs4proc.c | 1 -
> > 1 file changed, 1 deletion(-)
> >
> > diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
> > index 1e14b3ed5674..c90c24c35b2e 100644
> > --- a/fs/nfsd/nfs4proc.c
> > +++ b/fs/nfsd/nfs4proc.c
> > @@ -1469,7 +1469,6 @@ static int nfsd4_do_async_copy(void *data)
> > copy->nf_src->nf_file = nfs42_ssc_open(copy->ss_mnt, ©->c_fh,
> > ©->stateid);
> > if (IS_ERR(copy->nf_src->nf_file)) {
> > - kfree(copy->nf_src);
> > copy->nfserr = nfserr_offload_denied;
> > nfsd4_interssc_disconnect(copy->ss_mnt);
> > goto do_callback;
> > --
> > 2.11.0
> >
>
> Reviewed-by: Olga Kornievskaia <kolga@netapp.com>
>
> Bruce, can you add this to your nfsd-next?
Done, thanks for the reminder.
--b.
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-01-30 14:56 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-01-13 13:23 [PATCH] nfsd4: fix double free in nfsd4_do_async_copy() Dan Carpenter
2020-01-13 13:23 ` Dan Carpenter
2020-01-21 21:56 ` Olga Kornievskaia
2020-01-21 21:56 ` Olga Kornievskaia
2020-01-30 14:56 ` J. Bruce Fields
2020-01-30 14:56 ` J. Bruce Fields
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.