From f69af151a3aa3f700cac40241b5a3ed23efe66ff Mon Sep 17 00:00:00 2001 From: Suraj Sonawane Date: Wed, 20 Nov 2024 13:47:05 +0530 Subject: [PATCH] fix slab-use-after-free Read in sg_release syz test Signed-off-by: Suraj Sonawane --- drivers/scsi/sg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/scsi/sg.c b/drivers/scsi/sg.c index f86be197f..457d54171 100644 --- a/drivers/scsi/sg.c +++ b/drivers/scsi/sg.c @@ -393,7 +393,6 @@ sg_release(struct inode *inode, struct file *filp) mutex_lock(&sdp->open_rel_lock); scsi_autopm_put_device(sdp->device); - kref_put(&sfp->f_ref, sg_remove_sfp); sdp->open_cnt--; /* possibly many open()s waiting on exlude clearing, start many; @@ -405,6 +404,7 @@ sg_release(struct inode *inode, struct file *filp) wake_up_interruptible(&sdp->open_wait); } mutex_unlock(&sdp->open_rel_lock); + kref_put(&sfp->f_ref, sg_remove_sfp); return 0; } -- 2.34.1