* extract_hostname() and extract_sharename() never return NULL, so use IS_ERR() instead of IS_ERR_OR_NULL() in cifs_find_swn_reg(). If any of these functions return an error, then return an error pointer instead of NULL. * Change cifs_find_swn_reg() function to always return a valid pointer or an error pointer, instead of returning NULL if the registration is not found. * Finally update cifs_find_swn_reg() callers to check for -EEXIST instead of NULL. * In cifs_get_swn_reg() the swnreg idr mutex was not unlocked in the error path of cifs_find_swn_reg() call. Reported-By: Dan Carpenter <dan.carpenter@xxxxxxxxxx> Signed-off-by: Samuel Cabrero <scabrero@xxxxxxx> --- fs/cifs/cifs_swn.c | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/fs/cifs/cifs_swn.c b/fs/cifs/cifs_swn.c index a172769c239f..69b7571010a6 100644 --- a/fs/cifs/cifs_swn.c +++ b/fs/cifs/cifs_swn.c @@ -259,24 +259,24 @@ static struct cifs_swn_reg *cifs_find_swn_reg(struct cifs_tcon *tcon) const char *net_name; net_name = extract_hostname(tcon->treeName); - if (IS_ERR_OR_NULL(net_name)) { + if (IS_ERR(net_name)) { int ret; ret = PTR_ERR(net_name); cifs_dbg(VFS, "%s: failed to extract host name from target '%s': %d\n", __func__, tcon->treeName, ret); - return NULL; + return ERR_PTR(-EINVAL); } share_name = extract_sharename(tcon->treeName); - if (IS_ERR_OR_NULL(share_name)) { + if (IS_ERR(share_name)) { int ret; ret = PTR_ERR(net_name); cifs_dbg(VFS, "%s: failed to extract share name from target '%s': %d\n", __func__, tcon->treeName, ret); kfree(net_name); - return NULL; + return ERR_PTR(-EINVAL); } idr_for_each_entry(&cifs_swnreg_idr, swnreg, id) { @@ -299,7 +299,7 @@ static struct cifs_swn_reg *cifs_find_swn_reg(struct cifs_tcon *tcon) kfree(net_name); kfree(share_name); - return NULL; + return ERR_PTR(-EEXIST); } /* @@ -315,12 +315,13 @@ static struct cifs_swn_reg *cifs_get_swn_reg(struct cifs_tcon *tcon) /* Check if we are already registered for this network and share names */ reg = cifs_find_swn_reg(tcon); - if (IS_ERR(reg)) { - return reg; - } else if (reg != NULL) { + if (!IS_ERR(reg)) { kref_get(®->ref_count); mutex_unlock(&cifs_swnreg_idr_mutex); return reg; + } else if (PTR_ERR(reg) != -EEXIST) { + mutex_unlock(&cifs_swnreg_idr_mutex); + return reg; } reg = kmalloc(sizeof(struct cifs_swn_reg), GFP_ATOMIC); @@ -630,9 +631,9 @@ int cifs_swn_unregister(struct cifs_tcon *tcon) mutex_lock(&cifs_swnreg_idr_mutex); swnreg = cifs_find_swn_reg(tcon); - if (swnreg == NULL) { + if (IS_ERR(swnreg)) { mutex_unlock(&cifs_swnreg_idr_mutex); - return -EEXIST; + return PTR_ERR(swnreg); } mutex_unlock(&cifs_swnreg_idr_mutex); -- 2.29.2