In ntfs_mft_data_extend_allocation_nolock(), if an error condition occurs prior to 'ctx' being set to a non-NULL value, avoid dereferencing the NULL 'ctx' pointer by jumping to later cleanup code.
Signed-off-by: Nickolai Zeldovich <nicko...@csail.mit.edu> --- fs/ntfs/mft.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/fs/ntfs/mft.c b/fs/ntfs/mft.c index 3014a36..e6ea11c 100644 --- a/fs/ntfs/mft.c +++ b/fs/ntfs/mft.c @@ -1822,13 +1822,13 @@ static int ntfs_mft_data_extend_allocation_nolock(ntfs_volume *vol) if (IS_ERR(mrec)) { ntfs_error(vol->sb, "Failed to map mft record."); ret = PTR_ERR(mrec); - goto undo_alloc; + goto undo_alloc_noctx; } ctx = ntfs_attr_get_search_ctx(mft_ni, mrec); if (unlikely(!ctx)) { ntfs_error(vol->sb, "Failed to get search context."); ret = -ENOMEM; - goto undo_alloc; + goto undo_alloc_noctx; } ret = ntfs_attr_lookup(mft_ni->type, mft_ni->name, mft_ni->name_len, CASE_SENSITIVE, rl[1].vcn, NULL, 0, ctx); @@ -1988,8 +1988,8 @@ undo_alloc: "context.%s", es); NVolSetErrors(vol); } - if (ctx) - ntfs_attr_put_search_ctx(ctx); + ntfs_attr_put_search_ctx(ctx); +undo_alloc_noctx: if (!IS_ERR(mrec)) unmap_mft_record(mft_ni); up_write(&mft_ni->runlist.lock); -- 1.7.10.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/