syzbot is reporting that nfsd_mkdir() forgot to remove dentry created by d_alloc_name() when __nfsd_mkdir() failed (due to memory allocation fault injection) [1]. [1] https://syzkaller.appspot.com/bug?id=ce41a1f769ea4637ebffedf004a803e8405b4674 Signed-off-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> Reported-by: syzbot <syzbot+2c95195d5d433f6ed6cb@xxxxxxxxxxxxxxxxxxxxxxxxx> Fixes: e8a79fb14f6b76b5 ("nfsd: add nfsd/clients directory") Cc: J. Bruce Fields <bfields@xxxxxxxxxx> --- fs/nfsd/nfsctl.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fs/nfsd/nfsctl.c b/fs/nfsd/nfsctl.c index 13c5487..e32dc1c 100644 --- a/fs/nfsd/nfsctl.c +++ b/fs/nfsd/nfsctl.c @@ -1176,8 +1176,10 @@ static int __nfsd_mkdir(struct inode *dir, struct dentry *dentry, umode_t mode) struct inode *inode; inode = nfsd_get_inode(dir->i_sb, mode); - if (!inode) + if (!inode) { + dput(dentry); return -ENOMEM; + } d_add(dentry, inode); inc_nlink(dir); fsnotify_mkdir(dir, dentry); -- 1.8.3.1
