[PATCH 3/3] squashfs: fix buffer release race condition in readahead code

From: Phillip Lougher
Date: Thu Oct 20 2022 - 18:36:51 EST

Next message: Guenter Roeck: "Re: [RFC PATCH v2 4/4] hwmon: (jc42) Don't cache the temperature register"
Previous message: Phillip Lougher: "[PATCH 2/3] squashfs: fix extending readahead beyond end of file"
In reply to: Phillip Lougher: "[PATCH 2/3] squashfs: fix extending readahead beyond end of file"
Next in thread: Bagas Sanjaya: "Re: [0/3] squashfs: fix some regressions introduced in the readahead code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Fix a buffer release race condition, where the error value was
used after release.

Fixes: b09a7a036d20 ("squashfs: support reading fragments in readahead call")
Cc: <stable@xxxxxxxxxxxxxxx>
Signed-off-by: Phillip Lougher <phillip@xxxxxxxxxxxxxxx>
---
fs/squashfs/file.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fs/squashfs/file.c b/fs/squashfs/file.c
index f0afd4d6fd30..8ba8c4c50770 100644
--- a/fs/squashfs/file.c
+++ b/fs/squashfs/file.c
@@ -506,8 +506,9 @@ static int squashfs_readahead_fragment(struct page **page,
squashfs_i(inode)->fragment_size);
struct squashfs_sb_info *msblk = inode->i_sb->s_fs_info;
unsigned int n, mask = (1 << (msblk->block_log - PAGE_SHIFT)) - 1;
+ int error = buffer->error;

- if (buffer->error)
+ if (error)
goto out;

expected += squashfs_i(inode)->fragment_offset;
@@ -529,7 +530,7 @@ static int squashfs_readahead_fragment(struct page **page,

out:
squashfs_cache_put(buffer);
- return buffer->error;
+ return error;
}

static void squashfs_readahead(struct readahead_control *ractl)
--
2.35.1

Next message: Guenter Roeck: "Re: [RFC PATCH v2 4/4] hwmon: (jc42) Don't cache the temperature register"
Previous message: Phillip Lougher: "[PATCH 2/3] squashfs: fix extending readahead beyond end of file"
In reply to: Phillip Lougher: "[PATCH 2/3] squashfs: fix extending readahead beyond end of file"
Next in thread: Bagas Sanjaya: "Re: [0/3] squashfs: fix some regressions introduced in the readahead code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]