ext4_common.c: Clean up failure cases in alloc_triple_indirect_block
authorTom Rini <trini@konsulko.com>
Thu, 10 Dec 2015 21:42:21 +0000 (16:42 -0500)
committerTom Rini <trini@konsulko.com>
Thu, 14 Jan 2016 02:05:20 +0000 (21:05 -0500)
As noted by Coverity, when we have an error in
alloc_triple_indirect_block we will leak ti_pbuff_start_addr as it's not
being freed.  Further inspection here shows that we could also leak
ti_cbuff_start_addr in one corner case so free that as well.

Reported-by: Coverity (CID 131205, 131206)
Signed-off-by: Tom Rini <trini@konsulko.com>
fs/ext4/ext4_common.c

index 55efa4dd761878253be4291c60327b0da0e1f6e0..294a46eadfded68c3da42f44477e6239a480131c 100644 (file)
@@ -1287,11 +1287,11 @@ static void alloc_triple_indirect_block(struct ext2_inode *file_inode,
                ti_gp_blockno = ext4fs_get_new_blk_no();
                if (ti_gp_blockno == -1) {
                        printf("no block left to assign\n");
-                       goto fail;
+                       return;
                }
                ti_gp_buff = zalloc(fs->blksz);
                if (!ti_gp_buff)
-                       goto fail;
+                       return;
 
                ti_gp_buff_start_addr = ti_gp_buff;
                (*no_blks_reqd)++;
@@ -1321,11 +1321,11 @@ static void alloc_triple_indirect_block(struct ext2_inode *file_inode,
                                ti_child_blockno = ext4fs_get_new_blk_no();
                                if (ti_child_blockno == -1) {
                                        printf("no block left assign\n");
-                                       goto fail;
+                                       goto fail1;
                                }
                                ti_child_buff = zalloc(fs->blksz);
                                if (!ti_child_buff)
-                                       goto fail;
+                                       goto fail1;
 
                                ti_cbuff_start_addr = ti_child_buff;
                                *ti_parent_buff = ti_child_blockno;
@@ -1341,7 +1341,8 @@ static void alloc_triple_indirect_block(struct ext2_inode *file_inode,
                                            ext4fs_get_new_blk_no();
                                        if (actual_block_no == -1) {
                                                printf("no block left\n");
-                                               goto fail;
+                                               free(ti_cbuff_start_addr);
+                                               goto fail1;
                                        }
                                        *ti_child_buff = actual_block_no;
                                        debug("TIAB %ld: %u\n", actual_block_no,
@@ -1373,7 +1374,11 @@ static void alloc_triple_indirect_block(struct ext2_inode *file_inode,
                put_ext4(((uint64_t) ((uint64_t)ti_gp_blockno * (uint64_t)fs->blksz)),
                         ti_gp_buff_start_addr, fs->blksz);
                file_inode->b.blocks.triple_indir_block = ti_gp_blockno;
+               free(ti_gp_buff_start_addr);
+               return;
        }
+fail1:
+       free(ti_pbuff_start_addr);
 fail:
        free(ti_gp_buff_start_addr);
 }