From: Yan, Zheng <zyan@redhat.com>
Date: Wed, 15 Jun 2016 12:51:22 +0000 (+0800)
Subject: ceph: fix NULL dereference in ceph_queue_cap_snap()
X-Git-Tag: Ubuntu-5.13.0-19.19~15291^2~21
X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=fce8515741dfb6a233927262555295788ad22ca7;p=mirror_ubuntu-jammy-kernel.git

ceph: fix NULL dereference in ceph_queue_cap_snap()

old_snapc->seq is used in dout(...)

Signed-off-by: Yan, Zheng <zyan@redhat.com>
---

diff --git a/fs/ceph/snap.c b/fs/ceph/snap.c
index 9caaa7ffc93f..eadf2c33edc6 100644
--- a/fs/ceph/snap.c
+++ b/fs/ceph/snap.c
@@ -551,7 +551,6 @@ void ceph_queue_cap_snap(struct ceph_inode_info *ci)
 	ci->i_wrbuffer_ref_head = 0;
 	capsnap->context = old_snapc;
 	list_add_tail(&capsnap->ci_item, &ci->i_cap_snaps);
-	old_snapc = NULL;
 
 	if (used & CEPH_CAP_FILE_WR) {
 		dout("queue_cap_snap %p cap_snap %p snapc %p"
@@ -563,6 +562,7 @@ void ceph_queue_cap_snap(struct ceph_inode_info *ci)
 		__ceph_finish_cap_snap(ci, capsnap);
 	}
 	capsnap = NULL;
+	old_snapc = NULL;
 
 update_snapc:
 	if (ci->i_head_snapc) {