fs/befs/linuxvfs.c: check superblock before dump operation

befs_dump_super_block was called between befs_load_sb and befs_check_sb.
It has been reported to crash (5/900) with null block testing.

This patch loads, checks and only dump superblock if it's a valid one
then brelse bh.

(befs_dump_super_block uses disk_sb (bh->b_data) so it seems we need to
call it before brelse(bh) but I don't know why befs_check_sb was called
after brelse.  Another thing I don't understand is why this problem
appears now).

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Cc: Joe Perches <joe@perches.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

1 files changed, 2 insertions, 4 deletions

diff --git a/fs/befs/linuxvfs.c b/fs/befs/linuxvfs.c
index 0d6c07cc1149..4cf61ec6b7a8 100644
--- a/fs/befs/linuxvfs.c
+++ b/fs/befs/linuxvfs.c
@@ -832,16 +832,14 @@ befs_fill_super(struct super_block *sb, void *data, int silent)
                     (befs_super_block *) ((void *) bh->b_data + x86_sb_off);
         }
 
-        if (befs_load_sb(sb, disk_sb) != BEFS_OK)
+        if ((befs_load_sb(sb, disk_sb) != BEFS_OK) ||
+            (befs_check_sb(sb) != BEFS_OK))
                 goto unacquire_bh;
 
         befs_dump_super_block(sb, disk_sb);
 
         brelse(bh);
 
-        if (befs_check_sb(sb) != BEFS_OK)
-                goto unacquire_priv_sbp;
-
         if( befs_sb->num_blocks > ~((sector_t)0) ) {
                 befs_error(sb, "blocks count: %llu "
                         "is larger than the host can use",