ceph: fix memory leak on decode error in ceph_handle_caps

[ Upstream commit 2ad32cf09bd28a21e6ad1595355a023ed631b529 ] If we hit a decoding error late in the frame, then we might exit the function without putting the pool_ns string. Ensure that we always put that reference on the way out of the function. Signed-off-by: Jeff Layton <jlayton@kernel.org> Reviewed-by: Ilya Dryomov <idryomov@gmail.com> Signed-off-by: Ilya Dryomov <idryomov@gmail.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
author: Jeff Layton <jlayton@kernel.org> 2021-07-01 10:41:46 -0400
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2021-09-26 14:10:21 +0200
commit: 8e4e080b2be0b979cbd90b1a587d4afa9ef074ab (patch)
tree: 27466a084b49aeef2e4ce3eeb5e71771eccceb73 /fs
parent: abae6b3bab39538dd1562ef60e2194f57239db86 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c
index ba562efdf07b..1f3d67133958 100644
--- a/fs/ceph/caps.c
+++ b/fs/ceph/caps.c
@@ -4137,8 +4137,9 @@ void ceph_handle_caps(struct ceph_mds_session *session,
 done:
 	mutex_unlock(&session->s_mutex);
 done_unlocked:
-	ceph_put_string(extra_info.pool_ns);
 	iput(inode);
+out:
+	ceph_put_string(extra_info.pool_ns);
 	return;
 
 flush_cap_releases:
@@ -4153,7 +4154,7 @@ flush_cap_releases:
 bad:
 	pr_err("ceph_handle_caps: corrupt message\n");
 	ceph_msg_dump(msg);
-	return;
+	goto out;
 }
 
 /*
author	Jeff Layton <jlayton@kernel.org>	2021-07-01 10:41:46 -0400
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2021-09-26 14:10:21 +0200
commit	8e4e080b2be0b979cbd90b1a587d4afa9ef074ab (patch)
tree	27466a084b49aeef2e4ce3eeb5e71771eccceb73 /fs
parent	abae6b3bab39538dd1562ef60e2194f57239db86 (diff)