[PATCH] ovl: call posix_acl_release() after error checking

From: Christian Brauner
Date: Thu Nov 03 2022 - 03:18:46 EST

Next message: Tang Bin: "[PATCH] net: libwx: Remove variable dev to simplify code"
Previous message: Philippe Mathieu-Daudé: "Re: [PATCH 27/44] KVM: Drop kvm_arch_{init,exit}() hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The current placement of posix_acl_release() in ovl_set_or_remove_acl()
means it can be called on an error pointer instead of actual acls.
Fix this by moving the posix_acl_release() call after the error handling.

Fixes: 0e641857322f ("ovl: implement set acl method") # mainline only
Reported-by: syzbot+3f6ef1c4586bb6fd1f61@xxxxxxxxxxxxxxxxxxxxxxxxx
Signed-off-by: Christian Brauner (Microsoft) <brauner@xxxxxxxxxx>
---
fs/overlayfs/inode.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c
index 77a77fd7a77b..ee6dfa577c93 100644
--- a/fs/overlayfs/inode.c
+++ b/fs/overlayfs/inode.c
@@ -621,11 +621,11 @@ static int ovl_set_or_remove_acl(struct dentry *dentry, struct inode *inode,
real_acl = vfs_get_acl(mnt_user_ns(realpath.mnt), realdentry,
acl_name);
revert_creds(old_cred);
- posix_acl_release(real_acl);
if (IS_ERR(real_acl)) {
err = PTR_ERR(real_acl);
goto out_drop_write;
}
+ posix_acl_release(real_acl);
}

if (!upperdentry) {
--
2.34.1

Next message: Tang Bin: "[PATCH] net: libwx: Remove variable dev to simplify code"
Previous message: Philippe Mathieu-Daudé: "Re: [PATCH 27/44] KVM: Drop kvm_arch_{init,exit}() hooks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]