lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20200827062843.10188-1-dinghao.liu@zju.edu.cn>
Date:   Thu, 27 Aug 2020 14:28:43 +0800
From:   Dinghao Liu <dinghao.liu@....edu.cn>
To:     dinghao.liu@....edu.cn, kjlu@....edu
Cc:     "Theodore Ts'o" <tytso@....edu>,
        Andreas Dilger <adilger.kernel@...ger.ca>,
        linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] ext4: Fix memleak in add_new_gdb

When ext4_journal_get_write_access() fails, we should release
n_group_desc, iloc.bh, dind and gdb_bh to prevent memleak.
It's the same when ext4_handle_dirty_super() fails, but we
don't need to release dind here because it has been released
before.

Signed-off-by: Dinghao Liu <dinghao.liu@....edu.cn>
---
 fs/ext4/resize.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/fs/ext4/resize.c b/fs/ext4/resize.c
index a50b51270ea9..efc0a022ca8e 100644
--- a/fs/ext4/resize.c
+++ b/fs/ext4/resize.c
@@ -843,8 +843,10 @@ static int add_new_gdb(handle_t *handle, struct inode *inode,
 
 	BUFFER_TRACE(dind, "get_write_access");
 	err = ext4_journal_get_write_access(handle, dind);
-	if (unlikely(err))
+	if (unlikely(err)) {
 		ext4_std_error(sb, err);
+		goto errout;
+	}
 
 	/* ext4_reserve_inode_write() gets a reference on the iloc */
 	err = ext4_reserve_inode_write(handle, inode, &iloc);
@@ -899,13 +901,17 @@ static int add_new_gdb(handle_t *handle, struct inode *inode,
 
 	le16_add_cpu(&es->s_reserved_gdt_blocks, -1);
 	err = ext4_handle_dirty_super(handle, sb);
-	if (err)
+	if (err) {
 		ext4_std_error(sb, err);
+		goto errsuper;
+	}
+
 	return err;
 errout:
+	brelse(dind);
+errsuper:
 	kvfree(n_group_desc);
 	brelse(iloc.bh);
-	brelse(dind);
 	brelse(gdb_bh);
 
 	ext4_debug("leaving with error %d\n", err);
-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ