dio: fix use-after-free
Al Viro [Thu, 17 Dec 2009 09:52:13 +0000 (04:52 -0500)]
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

fs/direct-io.c

index 4012885..e82adc2 100644 (file)
@@ -1206,7 +1206,7 @@ __blockdev_direct_IO(int rw, struct kiocb *iocb, struct inode *inode,
         * NOTE: filesystems with their own locking have to handle this
         * on their own.
         */
-       if (dio->flags & DIO_LOCKING) {
+       if (flags & DIO_LOCKING) {
                if (unlikely((rw & WRITE) && retval < 0)) {
                        loff_t isize = i_size_read(inode);
                        if (end > isize)