aio: fix potential leak in aio_run_iocb().

iovec should be reclaimed whenever caller of rw_copy_check_uvector() returns, but it doesn't hold when failure happens right after aio_setup_vectored_rw(). Fix that in a such way to avoid hairy goto. Signed-off-by: Leon Yu <chianglungyu@gmail.com> Signed-off-by: Benjamin LaHaise <bcrl@kvack.org> Cc: stable@vger.kernel.org
author: Leon Yu <chianglungyu@gmail.com> 2014-05-01 03:31:28 +0000
committer: Benjamin LaHaise <bcrl@kvack.org> 2014-05-01 08:37:43 -0400
commit: 754320d6e166d3a12cb4810a452bde00afbd4e9a (patch)
tree: 3b17b611fa318a189aa04b98abbeb2ec0062233d
parent: e02ba72aabfade4c9cd6e3263e9b57bf890ad25c (diff)
download: linux-754320d6e166d3a12cb4810a452bde00afbd4e9a.tar.gz
1 files changed, 2 insertions, 4 deletions
diff --git a/fs/aio.c b/fs/aio.c
index 2adbb0398ab9..a0ed6c7d2cd2 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1327,10 +1327,8 @@ rw_common:
 						&iovec, compat)
 			: aio_setup_single_vector(req, rw, buf, &nr_segs,
 						  iovec);
-		if (ret)
-			return ret;
-
-		ret = rw_verify_area(rw, file, &req->ki_pos, req->ki_nbytes);
+		if (!ret)
+			ret = rw_verify_area(rw, file, &req->ki_pos, req->ki_nbytes);
 		if (ret < 0) {
 			if (iovec != &inline_vec)
 				kfree(iovec);
author	Leon Yu <chianglungyu@gmail.com>	2014-05-01 03:31:28 +0000
committer	Benjamin LaHaise <bcrl@kvack.org>	2014-05-01 08:37:43 -0400
commit	754320d6e166d3a12cb4810a452bde00afbd4e9a (patch)
tree	3b17b611fa318a189aa04b98abbeb2ec0062233d
parent	e02ba72aabfade4c9cd6e3263e9b57bf890ad25c (diff)
download	linux-754320d6e166d3a12cb4810a452bde00afbd4e9a.tar.gz