nfsd: fix dentry leak upon mkdir failure.
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Mon, 12 Aug 2019 02:16:11 +0000 (11:16 +0900)
committerJ. Bruce Fields <bfields@redhat.com>
Thu, 15 Aug 2019 18:53:00 +0000 (14:53 -0400)
syzbot is reporting that nfsd_mkdir() forgot to remove dentry created by
d_alloc_name() when __nfsd_mkdir() failed (due to memory allocation fault
injection) [1].

[1] https://syzkaller.appspot.com/bug?id=ce41a1f769ea4637ebffedf004a803e8405b4674

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Reported-by: syzbot <syzbot+2c95195d5d433f6ed6cb@syzkaller.appspotmail.com>
Fixes: e8a79fb14f6b76b5 ("nfsd: add nfsd/clients directory")
[bfields: clean up in nfsd_mkdir instead of __nfsd_mkdir]
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
fs/nfsd/nfsctl.c

index 13c548733860cca6414b23bc30caea2d64c69b02..928a0b2c05dc4284eaaa1e2f735458f57cec4e18 100644 (file)
@@ -1205,6 +1205,7 @@ out:
        inode_unlock(dir);
        return dentry;
 out_err:
+       dput(dentry);
        dentry = ERR_PTR(ret);
        goto out;
 }