From 9509f17851da294f8ecf0fc0bfe0fe609671352d Mon Sep 17 00:00:00 2001 From: Alexey Khoroshilov Date: Tue, 30 Apr 2013 15:27:52 -0700 Subject: hfs: add error checking for hfs_find_init() hfs_find_init() may fail with ENOMEM, but there are places, where the returned value is not checked. The consequences can be very unpleasant, e.g. kfree uninitialized pointer and inappropriate mutex unlocking. The patch adds checks for errors in hfs_find_init(). Found by Linux Driver Verification project (linuxtesting.org). Signed-off-by: Alexey Khoroshilov Reviewed-by: Vyacheslav Dubeyko Cc: Hin-Tak Leung Cc: Al Viro Cc: Artem Bityutskiy Cc: Christoph Hellwig Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/hfs/super.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'fs/hfs/super.c') diff --git a/fs/hfs/super.c b/fs/hfs/super.c index bbaaa8a4ee64..719760b2b0a6 100644 --- a/fs/hfs/super.c +++ b/fs/hfs/super.c @@ -418,7 +418,9 @@ static int hfs_fill_super(struct super_block *sb, void *data, int silent) } /* try to get the root inode */ - hfs_find_init(HFS_SB(sb)->cat_tree, &fd); + res = hfs_find_init(HFS_SB(sb)->cat_tree, &fd); + if (res) + goto bail_no_root; res = hfs_cat_find_brec(sb, HFS_ROOT_CNID, &fd); if (!res) { if (fd.entrylength > sizeof(rec) || fd.entrylength < 0) { -- cgit v1.2.3
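Review bot: the new "goto bail_no_root" taken when hfs_find_init() fails in hfs_fill_super() jumps to a label that lies outside the visible context, so confirm that this path never reaches hfs_find_exit(&fd). When hfs_find_init() returns an error, fd has not been set up, and cleaning it up would be the same kfree of an uninitialized pointer and wrong mutex unlock that the commit message describes. Also check that bail_no_root leaves res untouched, so the mount fails with the ENOMEM from hfs_find_init() rather than a different code. The diffstat shown here is limited to fs/hfs/super.c, so the other unchecked call sites the message refers to are not visible and need the same review.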