aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorHenry C Chang <henry.cy.chang@gmail.com>2011-05-03 02:29:56 +0000
committerSage Weil <sage@newdream.net>2011-05-03 09:28:11 -0700
commitca20892db7567c40e8ed0668f46cf0d085d7db6d (patch)
tree80fe0a4cf9304b834e9faadbc08fb293db78cc84 /net
parent3772d26d87efc2d91b2e4247e0001c89ed09a980 (diff)
downloadkernel_samsung_smdk4412-ca20892db7567c40e8ed0668f46cf0d085d7db6d.tar.gz
kernel_samsung_smdk4412-ca20892db7567c40e8ed0668f46cf0d085d7db6d.tar.bz2
kernel_samsung_smdk4412-ca20892db7567c40e8ed0668f46cf0d085d7db6d.zip
libceph: fix ceph_msg_new error path
If memory allocation failed, calling ceph_msg_put() will cause GPF since some of ceph_msg variables are not initialized first. Fix Bug #970. Signed-off-by: Henry C Chang <henry_c_chang@tcloudcomputing.com> Signed-off-by: Sage Weil <sage@newdream.net>
Diffstat (limited to 'net')
-rw-r--r--net/ceph/messenger.c26
1 files changed, 13 insertions, 13 deletions
diff --git a/net/ceph/messenger.c b/net/ceph/messenger.c
index 05f357828a2..e15a82ccc05 100644
--- a/net/ceph/messenger.c
+++ b/net/ceph/messenger.c
@@ -2267,6 +2267,19 @@ struct ceph_msg *ceph_msg_new(int type, int front_len, gfp_t flags)
m->more_to_follow = false;
m->pool = NULL;
+ /* middle */
+ m->middle = NULL;
+
+ /* data */
+ m->nr_pages = 0;
+ m->page_alignment = 0;
+ m->pages = NULL;
+ m->pagelist = NULL;
+ m->bio = NULL;
+ m->bio_iter = NULL;
+ m->bio_seg = 0;
+ m->trail = NULL;
+
/* front */
if (front_len) {
if (front_len > PAGE_CACHE_SIZE) {
@@ -2286,19 +2299,6 @@ struct ceph_msg *ceph_msg_new(int type, int front_len, gfp_t flags)
}
m->front.iov_len = front_len;
- /* middle */
- m->middle = NULL;
-
- /* data */
- m->nr_pages = 0;
- m->page_alignment = 0;
- m->pages = NULL;
- m->pagelist = NULL;
- m->bio = NULL;
- m->bio_iter = NULL;
- m->bio_seg = 0;
- m->trail = NULL;
-
dout("ceph_msg_new %p front %d\n", m, front_len);
return m;