[PATCH] affs: possible null pointer dereference in affs_rename()
Florin Malita [Fri, 26 May 2006 01:44:23 +0000 (18:44 -0700)]
If affs_bread() fails, the exit path calls mark_buffer_dirty_inode() with a
NULL argument.

Coverity CID: 312.

Signed-off-by: Florin Malita <fmalita@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

fs/affs/namei.c

index d4c2d63..a42143c 100644 (file)
@@ -416,10 +416,9 @@ affs_rename(struct inode *old_dir, struct dentry *old_dentry,
                        return retval;
        }
 
-       retval = -EIO;
        bh = affs_bread(sb, old_dentry->d_inode->i_ino);
        if (!bh)
-               goto done;
+               return -EIO;
 
        /* Remove header from its parent directory. */
        affs_lock_dir(old_dir);