[PATCH] io_getevents leak fix

Spotted by Suparna: if the first range check fails, we leak a ref on the io
context.

diff --git a/fs/aio.c b/fs/aio.c
index 7e4e7a9ab802e9f466ca7f062513b6e8f4f8ce85..bc42eb7a76b34acf6e28b321c65f926e05c832e3 100644 (file)
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1240,11 +1240,9 @@ asmlinkage long sys_io_getevents(aio_context_t ctx_id,
        struct kioctx *ioctx = lookup_ioctx(ctx_id);
        long ret = -EINVAL;
 
-       if (unlikely(min_nr > nr || min_nr < 0 || nr < 0))
-               return ret;
-
-       if (likely(NULL != ioctx)) {
-               ret = read_events(ioctx, min_nr, nr, events, timeout);
+       if (likely(ioctx)) {
+               if (likely(min_nr <= nr && min_nr >= 0 && nr >= 0))
+                       ret = read_events(ioctx, min_nr, nr, events, timeout);
                put_ioctx(ioctx);
        }