superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

xfs: fix iunlock calls in xrep_adoption_trans_alloc 

If the transaction allocation in xrep_adoption_trans_alloc fails, we
should drop only the locks that we took.  In this case this is
ILOCK_EXCL of both the orphanage and the file being repaired.  Dropping
any IOLOCK here is incorrect.

Found by fuzzing u3.sfdir3.list[1].name = zeroes in xfs/1546.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
pull/878/head
Darrick J. Wong 2024-04-22 09:48:28 -07:00
parent 6691753752
commit b44bfc0695
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
fs/xfs/scrub/orphanage.c
View File

@ -382,7 +382,7 @@ xrep_adoption_trans_alloc(
out_cancel:
xchk_trans_cancel(sc);
xrep_orphanage_iunlock(sc, XFS_ILOCK_EXCL);
xrep_orphanage_iunlock(sc, XFS_IOLOCK_EXCL);
xchk_iunlock(sc, XFS_ILOCK_EXCL);
return error;
}