On Mon, Sep 16, 2019 at 11:13:42PM -0500, Navid Emamdoost wrote:
> In affs_init_bitmap, on error handling path we may release the allocated
> memory.
Yes the memory should be released but not all paths that lead to the
label 'out' are actually errors:
288 if (affs_checksum_block(sb, bh)) {
289 pr_warn("Bitmap %u invalid - mounting %s read only.\n",
290 bm->bm_key, sb->s_id);
291 *flags |= SB_RDONLY;
292 goto out;
293 }
ie. the return value 'res' is still 0, and the filesystem is mounted
read-only.
> Signed-off-by: Navid Emamdoost <navid.emamdoost@xxxxxxxxx>
> ---
> fs/affs/bitmap.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/fs/affs/bitmap.c b/fs/affs/bitmap.c
> index 5ba9ef2742f6..745ed2cc4b51 100644
> --- a/fs/affs/bitmap.c
> +++ b/fs/affs/bitmap.c
> @@ -347,6 +347,7 @@ int affs_init_bitmap(struct super_block *sb, int *flags)
> out:
> affs_brelse(bh);
> affs_brelse(bmap_bh);
> + kfree(sbi->s_bitmap);
The sbi->s_bitmap would be freed but at umount time it will
be freed again.
> return res;
> }
>
> --
> 2.17.1
>
>
