Gitweb:     http://git.kernel.org/linus/fd2dd9fbaf9e498ec63eef298921e36556f7214c
Commit:     fd2dd9fbaf9e498ec63eef298921e36556f7214c
Parent:     8b472d739b2ddd8ab7fb278874f696cd95b25a5e
Author:     Curt Wohlgemuth <curtw@google.com>
AuthorDate: Sat Apr 3 17:44:16 2010 -0400
Committer:  Theodore Ts'o <tytso@mit.edu>
CommitDate: Sat Apr 3 17:44:16 2010 -0400

    ext4: Fix buffer head leaks after calls to ext4_get_inode_loc()
    
    Calls to ext4_get_inode_loc() returns with a reference to a buffer
    head in iloc->bh.  The callers of this function in ext4_write_inode()
    when in no journal mode and in ext4_xattr_fiemap() don't release the
    buffer head after using it.
    
    Addresses-Google-Bug: #2548165
    
    Signed-off-by: Curt Wohlgemuth <curtw@google.com>
    Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
---
 fs/ext4/extents.c |    1 +
 fs/ext4/inode.c   |    1 +
 2 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
index 94c8ee8..236b834 100644
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -3879,6 +3879,7 @@ static int ext4_xattr_fiemap(struct inode *inode,
 		physical += offset;
 		length = EXT4_SB(inode->i_sb)->s_inode_size - offset;
 		flags |= FIEMAP_EXTENT_DATA_INLINE;
+		brelse(iloc.bh);
 	} else { /* external block */
 		physical = EXT4_I(inode)->i_file_acl << blockbits;
 		length = inode->i_sb->s_blocksize;
diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 87e3c70..ba1eee8 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -5385,6 +5385,7 @@ int ext4_write_inode(struct inode *inode, struct writeback_control *wbc)
 				   (unsigned long long)iloc.bh->b_blocknr);
 			err = -EIO;
 		}
+		brelse(iloc.bh);
 	}
 	return err;
 }
--

[ message continues ]