[PATCH V2] ubifs: Call ubifs_iput when ubifs_iget is used

Sat, 10 Aug 2024 05:57:59 -0700 

The inode should be freed after a reference is get to avoid
memory leak

Tested-by: Alexander Dahl <a...@thorsis.com>
Link: 
https://lore.kernel.org/u-boot/b698ec3e-d857-6512-8cc9-4edcab0a4...@denx.de/T/#t
Link: 
https://lore.kernel.org/all/8f3a7059-6330-f332-8e9f-729b853e0...@denx.de/T/
Co-Developed-by: Heiko Schocher <h...@denx.de>
Signed-off-by: Michael Trimarchi <mich...@amarulasolutions.com>
---
V1->V2:
        - fix compilation problem on super.c
RFC->V1:
        - Heiko gives more points to address on the patch and review it
        - Alexander Dahl test on top of his own series reported in the
          commit message
        - add leak on super.c file too from Heiko
---
 fs/ubifs/super.c | 1 +
 fs/ubifs/ubifs.c | 9 ++++++---
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
index d8d78a2d3d..7eb2f764a2 100644
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -2321,6 +2321,7 @@ static int ubifs_fill_super(struct super_block *sb, void 
*data, int silent)
                goto out_umount;
        }
 #else
+       ubifs_iput(root);
        sb->s_root = NULL;
 #endif
 
diff --git a/fs/ubifs/ubifs.c b/fs/ubifs/ubifs.c
index 048730db7f..6acd6c3776 100644
--- a/fs/ubifs/ubifs.c
+++ b/fs/ubifs/ubifs.c
@@ -319,9 +319,7 @@ static int filldir(struct ubifs_info *c, const char *name, 
int namlen,
        }
        ctime_r((time_t *)&inode->i_mtime, filetime);
        printf("%9lld  %24.24s  ", inode->i_size, filetime);
-#ifndef __UBOOT__
        ubifs_iput(inode);
-#endif
 
        printf("%s\n", name);
 
@@ -557,6 +555,7 @@ static unsigned long ubifs_findfile(struct super_block *sb, 
char *filename)
 
                        /* We have some sort of symlink recursion, bail out */
                        if (symlink_count++ > 8) {
+                               ubifs_iput(inode);
                                printf("Symlink recursion, aborting\n");
                                return 0;
                        }
@@ -568,6 +567,7 @@ static unsigned long ubifs_findfile(struct super_block *sb, 
char *filename)
                                 * the leading slash */
                                next = name = link_name + 1;
                                root_inum = 1;
+                               ubifs_iput(inode);
                                continue;
                        }
                        /* Relative to cur dir */
@@ -575,6 +575,7 @@ static unsigned long ubifs_findfile(struct super_block *sb, 
char *filename)
                                        link_name, next == NULL ? "" : next);
                        memcpy(symlinkpath, buf, sizeof(buf));
                        next = name = symlinkpath;
+                       ubifs_iput(inode);
                        continue;
                }
 
@@ -583,8 +584,10 @@ static unsigned long ubifs_findfile(struct super_block 
*sb, char *filename)
                 */
 
                /* Found the node!  */
-               if (!next || *next == '\0')
+               if (!next || *next == '\0') {
+                       ubifs_iput(inode);
                        return inum;
+               }
 
                root_inum = inum;
                name = next;
-- 
2.43.0

Reply via email to