[PATCH v2] f2fs: fix double free of unicode map

[PATCH v2] f2fs: fix double free of unicode map

[Hyeongseok Kim]

In case of retrying fill_super with skip_recovery,
s_encoding for casefold would not be loaded again even though it's
already been freed because it's not NULL.
Set NULL after free to prevent double freeing when unmount.

Fixes: eca4873ee1b6 ("f2fs: Use generic casefolding support")
Signed-off-by: Hyeongseok Kim <hyeongseok@gmail.com>
---
 fs/f2fs/super.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
index 00eff2f51807..fef22e476c52 100644
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@@ -3918,6 +3918,7 @@ static int f2fs_fill_super(struct super_block *sb, void *data, int silent)
 
 #ifdef CONFIG_UNICODE
 	utf8_unload(sb->s_encoding);
+	sb->s_encoding = NULL;
 #endif
 free_options:
 #ifdef CONFIG_QUOTA
-- 
2.27.0.83.g0313f36

Re: [PATCH v2] f2fs: fix double free of unicode map

[Chao Yu]

On 2020/11/12 17:14, Hyeongseok Kim wrote:
> In case of retrying fill_super with skip_recovery,
> s_encoding for casefold would not be loaded again even though it's
> already been freed because it's not NULL.
> Set NULL after free to prevent double freeing when unmount.
> 
> Fixes: eca4873ee1b6 ("f2fs: Use generic casefolding support")
> Signed-off-by: Hyeongseok Kim <hyeongseok@gmail.com>

Reviewed-by: Chao Yu <yuchao0@huawei.com>

Thanks,