Re: [PATCH 1/2] ntfs: free link name from ntfs_name_cache

Next message: Laurentiu Mihalcea: "Re: [PATCH 1/5] dt-bindings: remoteproc: imx_rproc: document optional &quot;memory-region-names&quot;"
Previous message: zain_zhou: "[PATCH v2 2/2] staging: i3c: add Realtek RTS490x I3C HUB driver"
In reply to: DaeMyung Kang: "[PATCH 1/2] ntfs: free link name from ntfs_name_cache"
Next in thread: DaeMyung Kang: "[PATCH 2/2] ntfs: validate resident file name attribute length"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Namjae Jeon

Date: Mon May 25 2026 - 08:54:39 EST

On Sun, May 24, 2026 at 2:42 PM DaeMyung Kang <charsyam@xxxxxxxxx> wrote:
>
> ntfs_link() converts the new link name with ntfs_nlstoucs() using
> NTFS_MAX_NAME_LEN. In this case ntfs_nlstoucs() allocates the result
> from ntfs_name_cache, and its contract requires callers to release the
> buffer with kmem_cache_free(ntfs_name_cache, ...).
>
> All other ntfs_nlstoucs() callers in namei.c do that, but ntfs_link()
> uses kfree(), which mismatches the allocator for successfully converted
> names.
>
> The conversion failure path reaches the common out label with uname ==
> NULL. That was harmless for kfree(), but kmem_cache_free() does not
> provide the same NULL contract. Return directly on conversion failure
> and free successful conversions with ntfs_name_cache.
>
> Fixes: af0db57d4293 ("ntfs: update inode operations")
> Signed-off-by: DaeMyung Kang <charsyam@xxxxxxxxx>
Applied it to #ntfs-next.
Thanks!