From 2a70587e0a522b8186cd99df7d2dda20d73e5413 Mon Sep 17 00:00:00 2001
From: Richard Genoud <richard.genoud@posteo.net>
Date: Tue, 3 Nov 2020 12:11:09 +0100
Subject: [PATCH] fs/squashfs: sqfs_size: fix dangling pointer dirs->entry

dirs->entry shouldn't be left dangling as it could be freed twice.

Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
[jh80.chung: cherry picked from mainline commit 508a9dc7f694df11c7de7460f888f508e40a2046]
Signed-off-by: Jaehoon Chung <jh80.chung@samsung.com>

Change-Id: I9f03d0d18e49f3ad0b5b7f1ca6f48625c00e46aa
---
 fs/squashfs/sqfs.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/squashfs/sqfs.c b/fs/squashfs/sqfs.c
index f4ecb0801d..c3b662e311 100644
--- a/fs/squashfs/sqfs.c
+++ b/fs/squashfs/sqfs.c
@@ -1572,6 +1572,7 @@ int sqfs_size(const char *filename, loff_t *size)
 		if (!ret)
 			break;
 		free(dirs->entry);
+		dirs->entry = NULL;
 	}
 
 	if (ret) {
@@ -1585,6 +1586,7 @@ int sqfs_size(const char *filename, loff_t *size)
 	ipos = sqfs_find_inode(dirs->inode_table, i_number, sblk->inodes,
 			       sblk->block_size);
 	free(dirs->entry);
+	dirs->entry = NULL;
 
 	base = (struct squashfs_base_inode *)ipos;
 	switch (get_unaligned_le16(&base->inode_type)) {
-- 
2.34.1