| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 1 Jun 2016 18:45:27 +0800
From: Zhouyi Zhou <yizhouzhou@....ac.cn>
To: akpm@...ux-foundation.org, penberg@...nel.org,
viro@...iv.linux.org.uk, linux-kernel@...r.kernel.org
Cc: Zhouyi Zhou <yizhouzhou@....ac.cn>,
Zhouyi Zhou <zhouzhouyi@...il.com>
Subject: [PATCH] relay: fix potential memory leak
when relay_open_buf fails in relay_open, program will goto free_bufs,
but chan is nowhere freed.
In addition, give warning to users who forget to provide create file
hook.
Signed-off-by: Zhouyi Zhou <zhouzhouyi@...il.com>
---
kernel/relay.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/kernel/relay.c b/kernel/relay.c
index 074994b..e0990c7 100644
--- a/kernel/relay.c
+++ b/kernel/relay.c
@@ -589,6 +589,13 @@ struct rchan *relay_open(const char *base_filename,
chan->parent = parent;
chan->private_data = private_data;
if (base_filename) {
+ if (!cb || !cb->create_buf_file) {
+ printk(KERN_ERR
+ "relay_open: has base filename without "
+ "providing hook to create file\n");
+ kfree(chan);
+ return NULL;
+ }
chan->has_base_filename = 1;
strlcpy(chan->base_filename, base_filename, NAME_MAX);
}
@@ -614,6 +621,7 @@ free_bufs:
kref_put(&chan->kref, relay_destroy_channel);
mutex_unlock(&relay_channels_mutex);
+ kfree(chan);
return NULL;
}
EXPORT_SYMBOL_GPL(relay_open);
--
1.9.1
Powered by blists - more mailing lists