frv: fix mmap2 error handling
David Howells [Mon, 1 Dec 2008 21:14:00 +0000 (13:14 -0800)]
Fix the error handling in sys_mmap2().  Currently, if the pgoff check
fails, fput() might have to be called (which it isn't), so do the pgoff
check first, before fget() is called.

Signed-off-by: David Howells <dhowells@redhat.com>
Reported-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

arch/frv/kernel/sys_frv.c

index 49b2cf2..baadc97 100644 (file)
@@ -35,22 +35,21 @@ asmlinkage long sys_mmap2(unsigned long addr, unsigned long len,
        int error = -EBADF;
        struct file * file = NULL;
 
-       flags &= ~(MAP_EXECUTABLE | MAP_DENYWRITE);
-       if (!(flags & MAP_ANONYMOUS)) {
-               file = fget(fd);
-               if (!file)
-                       goto out;
-       }
-
        /* As with sparc32, make sure the shift for mmap2 is constant
           (12), no matter what PAGE_SIZE we have.... */
 
        /* But unlike sparc32, don't just silently break if we're
           trying to map something we can't */
-       if (pgoff & ((1<<(PAGE_SHIFT-12))-1))
+       if (pgoff & ((1 << (PAGE_SHIFT - 12)) - 1))
                return -EINVAL;
+       pgoff >>= PAGE_SHIFT - 12;
 
-       pgoff >>= (PAGE_SHIFT - 12);
+       flags &= ~(MAP_EXECUTABLE | MAP_DENYWRITE);
+       if (!(flags & MAP_ANONYMOUS)) {
+               file = fget(fd);
+               if (!file)
+                       goto out;
+       }
 
        down_write(&current->mm->mmap_sem);
        error = do_mmap_pgoff(file, addr, len, prot, flags, pgoff);