summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeff Layton <jlayton@redhat.com>2014-04-15 12:48:49 -0400
committerSteve French <smfrench@gmail.com>2014-04-16 22:54:30 -0500
commitbae9f746a18ee31bbeeb25ae6615805ed6eca173 (patch)
tree8348a46f641e95a064eb42373023a4878666e8ba
parent8e3ecc87695f4a7e9e217ebd55ca6a39b6a451b8 (diff)
cifs: fix error handling cifs_user_readv
Coverity says: *** CID 1202537: Dereference after null check (FORWARD_NULL) /fs/cifs/file.c: 2873 in cifs_user_readv() 2867 cur_len = min_t(const size_t, len - total_read, cifs_sb->rsize); 2868 npages = DIV_ROUND_UP(cur_len, PAGE_SIZE); 2869 2870 /* allocate a readdata struct */ 2871 rdata = cifs_readdata_alloc(npages, 2872 cifs_uncached_readv_complete); >>> CID 1202537: Dereference after null check (FORWARD_NULL) >>> Comparing "rdata" to null implies that "rdata" might be null. 2873 if (!rdata) { 2874 rc = -ENOMEM; 2875 goto error; 2876 } 2877 2878 rc = cifs_read_allocate_pages(rdata, npages); ...when we "goto error", rc will be non-zero, and then we end up trying to do a kref_put on the rdata (which is NULL). Fix this by replacing the "goto error" with a "break". Reported-by: <scan-admin@coverity.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <smfrench@gmail.com>
-rw-r--r--fs/cifs/file.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index d8ee76241b64..a875eedfd928 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -2882,7 +2882,7 @@ ssize_t cifs_user_readv(struct kiocb *iocb, const struct iovec *iov,
cifs_uncached_readv_complete);
if (!rdata) {
rc = -ENOMEM;
- goto error;
+ break;
}
rc = cifs_read_allocate_pages(rdata, npages);