[PATCH] erofs-utils: fix use after free in closedir
Gao Xiang
hsiangkao at redhat.com
Fri Nov 27 21:46:40 AEDT 2020
Hi Jianan,
On Fri, Nov 27, 2020 at 06:15:11PM +0800, Huang Jianan wrote:
> No need to closedir _dir again since it has been released.
>
> Signed-off-by: Huang Jianan <huangjianan at oppo.com>
> Signed-off-by: Guo Weichao <guoweichao at oppo.com>
> ---
> lib/inode.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/lib/inode.c b/lib/inode.c
> index eb2e0f2..2397bc7 100644
> --- a/lib/inode.c
> +++ b/lib/inode.c
> @@ -958,11 +958,11 @@ struct erofs_inode *erofs_mkfs_build_tree(struct erofs_inode *dir)
>
> ret = erofs_prepare_dir_file(dir);
> if (ret)
> - goto err_closedir;
> + goto err;
>
> ret = erofs_prepare_inode_buffer(dir);
> if (ret)
> - goto err_closedir;
> + goto err;
Thanks for finding this, after looking into the current dev branch,
I think
if (IS_ERR(d->inode)) {
ret = PTR_ERR(d->inode);
fail:
d->inode = NULL;
d->type = EROFS_FT_UNKNOWN;
goto err_closedir;
}
needs to be fixed as well.
You could fix it or I can also send the next version about this
if needed.
Thanks,
Gao Xiang
>
> if (IS_ROOT(dir))
> erofs_fixup_meta_blkaddr(dir);
> @@ -1003,6 +1003,7 @@ fail:
>
> err_closedir:
> closedir(_dir);
> +err:
> return ERR_PTR(ret);
> }
>
> --
> 2.25.1
>
More information about the Linux-erofs
mailing list