www.infradead.org Git - users/jedix/linux-maple.git/commit

author	Eric Sandeen <sandeen@sandeen.net>
	Fri, 8 Jun 2018 16:53:49 +0000 (09:53 -0700)
committer	Brian Maly <brian.maly@oracle.com>
	Tue, 4 Dec 2018 20:51:39 +0000 (15:51 -0500)
commit	a655ac3cdef52cb1f0fa6d199946a6a497b103b9
tree	575c2a515ff43c8d5d1c205509a75a3f0cb287c0	tree
parent	7fc15f7cc2da195cd1bd1730e1d4473671f56be8	commit \| diff

xfs: don't call xfs_da_shrink_inode with NULL bp

xfs_attr3_leaf_create may have errored out before instantiating a buffer,
for example if the blkno is out of range. In that case there is no work
to do to remove it, and in fact xfs_da_shrink_inode will lead to an oops
if we try.

This also seems to fix a flaw where the original error from
xfs_attr3_leaf_create gets overwritten in the cleanup case, and it
removes a pointless assignment to bp which isn't used after this.

Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199969
Reported-by: Xu, Wen <wen.xu@gatech.edu>
Tested-by: Xu, Wen <wen.xu@gatech.edu>
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
(cherry picked from commit bb3d48dcf86a97dc25fe9fc2c11938e19cb4399a)

Orabug: 28898616
CVE: CVE-2018-13094

Reviewed-by: Jack Vogel <jack.vogel@oracle.com>
Signed-off-by: Allen Pais <allen.pais@oracle.com>
Signed-off-by: Brian Maly <brian.maly@oracle.com>