When memory allocation for mi->mrec fails, ntfs_new_inode() calls iput(). iput() calls ni_write_inode() indirectly, it references uninitialized mi->mrec, and this causes the kernel crash. This patch fixes the issue by making the inode bad before calling iput(). Signed-off-by: Shigeru Yoshida <syoshida@xxxxxxxxxx> --- fs/ntfs3/fsntfs.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/ntfs3/fsntfs.c b/fs/ntfs3/fsntfs.c index 567563771bf8..7b93f2aeb6f6 100644 --- a/fs/ntfs3/fsntfs.c +++ b/fs/ntfs3/fsntfs.c @@ -1683,6 +1683,7 @@ struct ntfs_inode *ntfs_new_inode(struct ntfs_sb_info *sbi, CLST rno, bool dir) out: if (err) { + _ntfs_bad_inode(inode); iput(inode); ni = ERR_PTR(err); } -- 2.39.0
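Review bot: The `out:` label reached by this hunk is a shared error path, so the added `_ntfs_bad_inode(inode);` runs for every failure that sets `err`, not only the mi->mrec allocation failure the changelog describes; please either state in the commit message that marking the inode bad is the correct outcome for any partially initialized inode on this path (so that iput() never reaches ni_write_inode() with uninitialized state), or, if some of those paths leave a fully valid inode, narrow the call to the allocation-failure case. A second sentence explaining the choice of the underscore-prefixed `_ntfs_bad_inode()` over whatever the usual caller-facing helper is would also help future readers understand why the internal variant is used directly here.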