In ext4_ext_insert_extent, when path is assigned by npath, there is a memory leak and then path points to freed memory after the function returns because npath and path point to the same memory address and npath is freed.

Signed-off-by: Shen Feng <shen@xxxxxxxxxxxxxx>
--- fs/ext4/extents.c | 4 +++- 1 files changed, 3 insertions(+), 1 deletions(-) diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c index 3f6be32..71a56f1 100644 --- a/fs/ext4/extents.c +++ b/fs/ext4/extents.c @@ -1497,6 +1497,8 @@ repeat: if (le16_to_cpu(eh->eh_entries) < le16_to_cpu(eh->eh_max)) { ext_debug("next leaf isnt full(%d)\n", le16_to_cpu(eh->eh_entries)); + ext4_ext_drop_refs(path); + kfree(path); path = npath; goto repeat; } @@ -1578,7 +1580,7 @@ merge: err = ext4_ext_dirty(handle, inode, path + depth); cleanup: - if (npath) { + if (npath && npath != path) { ext4_ext_drop_refs(npath); kfree(npath); } -- 1.5.5.1
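Review bot: the kfree(path) added just before path = npath in the first hunk (the repeat: block) frees the old path array unconditionally, and the visible lines do not show who owns that array. If path is the pointer the caller handed to ext4_ext_insert_extent, the caller still holds the old address and will drop its references or free it again after return, which turns the leak into a use-after-free or double free. Please confirm the ownership, and either restrict the free to arrays allocated inside this function or add a comment stating that the caller must not touch its path after this call.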
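Review bot: the npath != path test added at cleanup: in the second hunk leaves npath aliasing path for the rest of the function once path = npath has run, so avoiding a double free depends on this one comparison staying in sync with every later use of either pointer. Setting npath = NULL right after path = npath would make the ownership transfer explicit and let the original if (npath) stay unchanged. With the test as written, this block no longer frees the array when the two pointers are equal, so responsibility for releasing it moves elsewhere; the commit message or a comment at cleanup: should say where.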