| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAJ-febOhan58G=Aw+-CD6OD2iKuFY3dxkzBfVMCwBd6vXs1rFg@mail.gmail.com>
Date: Wed, 20 Jan 2016 21:18:02 +0530
From: "vikram.jadhav07" <vikramjadhavpucsd2007@...il.com>
To: Andreas Dilger <adilger@...ger.ca>
Cc: "Theodore Ts'o" <tytso@....edu>, linux-ext4@...r.kernel.org
Subject: [PATCH] ext4: Buffer Head Leak In mmp
Description: ext4: Buffer Head Leak In mmp
There is memory leak as both caller function kmmpd() and callee
read_mmp_block() not releasing bh_check (i.e buffer_head).
Given patch fixes this problem.
Signed-off-by: Jadhav Vikram <vikramjadhavpucsd2007@...il.com>
Patch:
=====
--- /root/linux.orig/fs/ext4/mmp.c 2016-01-18 07:23:06.227519005 +0530
+++ /root/linux/fs/ext4/mmp.c 2016-01-18 07:31:18.545518552 +0530
@@ -98,12 +98,17 @@
}
mmp = (struct mmp_struct *)((*bh)->b_data);
- if (le32_to_cpu(mmp->mmp_magic) != EXT4_MMP_MAGIC)
+ if (le32_to_cpu(mmp->mmp_magic) != EXT4_MMP_MAGIC) {
ret = -EFSCORRUPTED;
- else if (!ext4_mmp_csum_verify(sb, mmp))
+ brelse(*bh);
+ *bh = NULL;
+ } else if (!ext4_mmp_csum_verify(sb, mmp)) {
ret = -EFSBADCRC;
- else
+ brelse(*bh);
+ *bh = NULL;
+ } else {
return 0;
+ }
warn_exit:
ext4_warning(sb, "Error %d while reading MMP block %llu",
@@ -225,6 +230,7 @@
"The filesystem seems to have been"
" multiply mounted.");
ext4_error(sb, "abort");
+ put_bh(bh_check);
goto failed;
}
put_bh(bh_check);
Download attachment "ext4-mmp-brelse.patch" of type "application/octet-stream" (823 bytes)
Powered by blists - more mailing lists