lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 10 Oct 2006 15:17:32 -0700
From:	Joel Becker <Joel.Becker@...cle.com>
To:	Chandra Seetharaman <sekharan@...ibm.com>
Cc:	akpm@...l.org, linux-kernel@...r.kernel.org,
	ckrm-tech@...ts.sourceforge.net, mark.fasheh@...cle.com
Subject: Re: [PATCH 1/5] Fix a module count leak.

Obviously a bug.  I've pulled it into my tree and it should appear in
OCFS2's ALL branch very shortly.

Joel

On Tue, Oct 10, 2006 at 11:20:49AM -0700, Chandra Seetharaman wrote:
> check_perm() does not drop the reference to the module when kmalloc()
> failure occurs. This patch fixes the problem.
> 
> Signed-Off-By: Chandra Seetharaman <sekharan@...ibm.com>
> --
> 
>  fs/configfs/file.c |   16 +++++++++-------
>  1 files changed, 9 insertions(+), 7 deletions(-)
> 
> Index: linux-2.6.18/fs/configfs/file.c
> ===================================================================
> --- linux-2.6.18.orig/fs/configfs/file.c
> +++ linux-2.6.18/fs/configfs/file.c
> @@ -275,14 +275,15 @@ static int check_perm(struct inode * ino
>  	 * it in file->private_data for easy access.
>  	 */
>  	buffer = kmalloc(sizeof(struct configfs_buffer),GFP_KERNEL);
> -	if (buffer) {
> -		memset(buffer,0,sizeof(struct configfs_buffer));
> -		init_MUTEX(&buffer->sem);
> -		buffer->needs_read_fill = 1;
> -		buffer->ops = ops;
> -		file->private_data = buffer;
> -	} else
> +	if (!buffer) {
>  		error = -ENOMEM;
> +		goto Enomem;
> +	}
> +	memset(buffer,0,sizeof(struct configfs_buffer));
> +	init_MUTEX(&buffer->sem);
> +	buffer->needs_read_fill = 1;
> +	buffer->ops = ops;
> +	file->private_data = buffer;
>  	goto Done;
>  
>   Einval:
> @@ -290,6 +291,7 @@ static int check_perm(struct inode * ino
>  	goto Done;
>   Eaccess:
>  	error = -EACCES;
> + Enomem:
>  	module_put(attr->ca_owner);
>   Done:
>  	if (error && item)
> 
> -- 
> 
> ----------------------------------------------------------------------
>     Chandra Seetharaman               | Be careful what you choose....
>               - sekharan@...ibm.com   |      .......you may get it.
> ----------------------------------------------------------------------

-- 

"I almost ran over an angel
 He had a nice big fat cigar.
 'In a sense,' he said, 'You're alone here
 So if you jump, you'd best jump far.'"

Joel Becker
Principal Software Developer
Oracle
E-mail: joel.becker@...cle.com
Phone: (650) 506-8127
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ