summaryrefslogtreecommitdiffstats
path: root/fs/cifs
diff options
context:
space:
mode:
authorJeff Layton <jlayton@redhat.com>2014-04-15 18:48:49 +0200
committerSteve French <smfrench@gmail.com>2014-04-17 05:54:30 +0200
commitbae9f746a18ee31bbeeb25ae6615805ed6eca173 (patch)
tree8348a46f641e95a064eb42373023a4878666e8ba /fs/cifs
parentfs: cifs: remove unused variable. (diff)
downloadlinux-bae9f746a18ee31bbeeb25ae6615805ed6eca173.tar.xz
linux-bae9f746a18ee31bbeeb25ae6615805ed6eca173.zip
cifs: fix error handling cifs_user_readv
Coverity says: *** CID 1202537: Dereference after null check (FORWARD_NULL) /fs/cifs/file.c: 2873 in cifs_user_readv() 2867 cur_len = min_t(const size_t, len - total_read, cifs_sb->rsize); 2868 npages = DIV_ROUND_UP(cur_len, PAGE_SIZE); 2869 2870 /* allocate a readdata struct */ 2871 rdata = cifs_readdata_alloc(npages, 2872 cifs_uncached_readv_complete); >>> CID 1202537: Dereference after null check (FORWARD_NULL) >>> Comparing "rdata" to null implies that "rdata" might be null. 2873 if (!rdata) { 2874 rc = -ENOMEM; 2875 goto error; 2876 } 2877 2878 rc = cifs_read_allocate_pages(rdata, npages); ...when we "goto error", rc will be non-zero, and then we end up trying to do a kref_put on the rdata (which is NULL). Fix this by replacing the "goto error" with a "break". Reported-by: <scan-admin@coverity.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <smfrench@gmail.com>
Diffstat (limited to 'fs/cifs')
-rw-r--r--fs/cifs/file.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index d8ee76241b64..a875eedfd928 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -2882,7 +2882,7 @@ ssize_t cifs_user_readv(struct kiocb *iocb, const struct iovec *iov,
cifs_uncached_readv_complete);
if (!rdata) {
rc = -ENOMEM;
- goto error;
+ break;
}
rc = cifs_read_allocate_pages(rdata, npages);