Skip to content

Commit

Permalink
cifs: fix potential use-after-free in cifs_oplock_break_put
Browse files Browse the repository at this point in the history 
cfile may very well be freed after the cifsFileInfo_put. Make sure we
have a valid pointer to the superblock for cifs_sb_deactive.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
  • Loading branch information
Jeff Layton authored and Steve French committed Nov 10, 2010
1 parent f6614b7 commit ebe2e91
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion fs/cifs/file.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2271,8 +2271,10 @@ void cifs_oplock_break_get(struct cifsFileInfo *cfile)

void cifs_oplock_break_put(struct cifsFileInfo *cfile)
{
struct super_block *sb = cfile->dentry->d_sb;

cifsFileInfo_put(cfile);
cifs_sb_deactive(cfile->dentry->d_sb);
cifs_sb_deactive(sb);
}

const struct address_space_operations cifs_addr_ops = {
Expand Down

0 comments on commit ebe2e91

Please sign in to comment.