summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJ. Bruce Fields <bfields@citi.umich.edu>2009-09-04 20:40:36 +0200
committerJ. Bruce Fields <bfields@citi.umich.edu>2009-09-04 21:48:00 +0200
commitaed100fafb90aaabe8fb31e58af9dc7e68696507 (patch)
tree2567f2aa9f0bac26910e6d2910fbdd044a5ab8e2
parentnfsd: clean up readdirplus encoding (diff)
downloadlinux-aed100fafb90aaabe8fb31e58af9dc7e68696507.tar.xz
linux-aed100fafb90aaabe8fb31e58af9dc7e68696507.zip
nfsd: fix leak on error in nfsv3 readdir
Note the !dchild->d_inode case can leak the filehandle. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
-rw-r--r--fs/nfsd/nfs3xdr.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c
index f16184a39941..edf926e1062f 100644
--- a/fs/nfsd/nfs3xdr.c
+++ b/fs/nfsd/nfs3xdr.c
@@ -825,7 +825,6 @@ compose_entry_fh(struct nfsd3_readdirres *cd, struct svc_fh *fhp,
dparent = cd->fh.fh_dentry;
exp = cd->fh.fh_export;
- fh_init(fhp, NFS3_FHSIZE);
if (isdotent(name, namlen)) {
if (namlen == 2) {
dchild = dget_parent(dparent);
@@ -859,15 +858,17 @@ __be32 *encode_entryplus_baggage(struct nfsd3_readdirres *cd, __be32 *p, const c
struct svc_fh fh;
int err;
+ fh_init(&fh, NFS3_FHSIZE);
err = compose_entry_fh(cd, &fh, name, namlen);
if (err) {
*p++ = 0;
*p++ = 0;
- return p;
+ goto out;
}
p = encode_post_op_attr(cd->rqstp, p, &fh);
*p++ = xdr_one; /* yes, a file handle follows */
p = encode_fh(p, &fh);
+out:
fh_put(&fh);
return p;
}