In case MAX_SYMLINK_NEST is reached while determining the size on a symlink node, the function returns immediately. This would not free the resources after the free_strings: label causing a memory leak.
Set the ret value and just break out of the switch to fix this. Signed-off-by: Andrea della Porta <[email protected]> --- fs/squashfs/sqfs.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/squashfs/sqfs.c b/fs/squashfs/sqfs.c index b9314019b1..ac5b1cda3e 100644 --- a/fs/squashfs/sqfs.c +++ b/fs/squashfs/sqfs.c @@ -1700,7 +1700,8 @@ static int sqfs_size_nest(const char *filename, loff_t *size) case SQFS_LSYMLINK_TYPE: if (++symlinknest == MAX_SYMLINK_NEST) { *size = 0; - return -ELOOP; + ret = -ELOOP; + break; } symlink = (struct squashfs_symlink_inode *)ipos; -- 2.44.0
