From: Christian Engelmayer Date: Sat, 2 May 2015 15:19:55 +0000 (+0200) Subject: btrfs: qgroup: Fix possible leak in btrfs_add_qgroup_relation() X-Git-Tag: firefly_0821_release~176^2~1298^2~81 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=ab3680dd18f3dea341e32e5020ef16d54a4fb66f;p=firefly-linux-kernel-4.4.55.git btrfs: qgroup: Fix possible leak in btrfs_add_qgroup_relation() Commit 9c8b35b1ba21 ("btrfs: quota: Automatically update related qgroups or mark INCONSISTENT flags when assigning/deleting a qgroup relations.") introduced the allocation of a temporary ulist in function btrfs_add_qgroup_relation() and added the corresponding cleanup to the out path. However, the allocation was introduced before the src/dst level check that directly returns. Fix the possible leakage of the ulist by moving the allocation after the input validation. Detected by Coverity CID 1295988. Signed-off-by: Christian Engelmayer Reviewed-by: David Sterba Signed-off-by: Chris Mason --- diff --git a/fs/btrfs/qgroup.c b/fs/btrfs/qgroup.c index 3d6546581bb9..842ff86d4ae8 100644 --- a/fs/btrfs/qgroup.c +++ b/fs/btrfs/qgroup.c @@ -1115,14 +1115,14 @@ int btrfs_add_qgroup_relation(struct btrfs_trans_handle *trans, struct ulist *tmp; int ret = 0; - tmp = ulist_alloc(GFP_NOFS); - if (!tmp) - return -ENOMEM; - /* Check the level of src and dst first */ if (btrfs_qgroup_level(src) >= btrfs_qgroup_level(dst)) return -EINVAL; + tmp = ulist_alloc(GFP_NOFS); + if (!tmp) + return -ENOMEM; + mutex_lock(&fs_info->qgroup_ioctl_lock); quota_root = fs_info->quota_root; if (!quota_root) {