Commit ebe2e91e authored by Jeff Layton's avatar Jeff Layton Committed by Steve French

cifs: fix potential use-after-free in cifs_oplock_break_put

cfile may very well be freed after the cifsFileInfo_put. Make sure we
have a valid pointer to the superblock for cifs_sb_deactive.
Signed-off-by: default avatarJeff Layton <jlayton@redhat.com>
Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
parent f6614b7b
...@@ -2271,8 +2271,10 @@ void cifs_oplock_break_get(struct cifsFileInfo *cfile) ...@@ -2271,8 +2271,10 @@ void cifs_oplock_break_get(struct cifsFileInfo *cfile)
void cifs_oplock_break_put(struct cifsFileInfo *cfile) void cifs_oplock_break_put(struct cifsFileInfo *cfile)
{ {
struct super_block *sb = cfile->dentry->d_sb;
cifsFileInfo_put(cfile); cifsFileInfo_put(cfile);
cifs_sb_deactive(cfile->dentry->d_sb); cifs_sb_deactive(sb);
} }
const struct address_space_operations cifs_addr_ops = { const struct address_space_operations cifs_addr_ops = {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment