| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180716120954.6720-1-colin.king@canonical.com>
Date: Mon, 16 Jul 2018 13:09:54 +0100
From: Colin King <colin.king@...onical.com>
To: "J . Bruce Fields" <bfields@...ldses.org>,
Jeff Layton <jlayton@...nel.org>, linux-nfs@...r.kernel.org
Cc: kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] nfsd: fix memory leak of async_copy
From: Colin Ian King <colin.king@...onical.com>
In the case where async_copy is successfully allocated but
the call to nfs4_init_cp_state fails, async_copy is not
currently freed and the memory is leaked. Fix this by kfree'ing
it before returning.
Detected by CoverityScan, CID#1471823 ("Resource leak")
Fixes: beb1814d5a8a ("NFSD create new stateid for async copy")
Signed-off-by: Colin Ian King <colin.king@...onical.com>
---
fs/nfsd/nfs4proc.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
index 8f3368353aaf..3fb96a2708b9 100644
--- a/fs/nfsd/nfs4proc.c
+++ b/fs/nfsd/nfs4proc.c
@@ -1295,8 +1295,10 @@ nfsd4_copy(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
async_copy = kzalloc(sizeof(struct nfsd4_copy), GFP_KERNEL);
if (!async_copy)
goto out;
- if (!nfs4_init_cp_state(nn, copy))
+ if (!nfs4_init_cp_state(nn, copy)) {
+ kfree(async_copy);
goto out;
+ }
refcount_set(&async_copy->refcount, 1);
memcpy(©->cp_res.cb_stateid, ©->cp_stateid,
sizeof(copy->cp_stateid));
--
2.17.1
Powered by blists - more mailing lists