lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <E490CD805F7529488761C40FD9D26EF12A72A2C9@dggemm507-mbx.china.huawei.com>
Date:   Wed, 1 Aug 2018 09:23:57 +0000
From:   Nixiaoming <nixiaoming@...wei.com>
To:     "viro@...iv.linux.org.uk" <viro@...iv.linux.org.uk>,
        "serge@...lyn.com" <serge@...lyn.com>,
        "jmorris@...ei.org" <jmorris@...ei.org>,
        "eparis@...isplace.org" <eparis@...isplace.org>,
        "sds@...ho.nsa.gov" <sds@...ho.nsa.gov>,
        "paul@...l-moore.com" <paul@...l-moore.com>,
        Lizefan <lizefan@...wei.com>, "miaoxie (A)" <miaoxie@...wei.com>
CC:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "linux-security-module@...r.kernel.org" 
        <linux-security-module@...r.kernel.org>,
        "selinux@...ho.nsa.gov" <selinux@...ho.nsa.gov>,
        "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>
Subject: maybe resource leak in security/selinux/selinuxfs.c

advisory:
1 After creating dentry in d_alloc_name, should I call dput to release resources before the exception exit?
2 After calling the new_inode to create an inode, should the inode resource be released before the exception exit?

If the dentry and inode resources need to be actively released, there are multiple resource leaks in security/selinux/selinuxfs.c.

Example:
Linux master branch v4.18-rc5
The function sel_make_avc_files in security/selinux/selinuxfs.c.

1566 static int sel_make_avc_files(struct dentry *dir)
.......
1580     for (i = 0; i < ARRAY_SIZE(files); i++) {
1581         struct inode *inode;
1582         struct dentry *dentry;
1583
1584         dentry = d_alloc_name(dir, files[i].name);
1585         if (!dentry)
/*Resource leak: when i!=0, the release action of dentry and inode resources is missing*/
1586             return -ENOMEM;
1587
1588         inode = sel_make_inode(dir->d_sb, S_IFREG|files[i].mode);
1589         if (!inode)
/*Resource leak: missing dput(dentry)*/
/*Resource leak: when i!=0, the release action of dentry and inode resources is missing*/
1590             return -ENOMEM;
1591
1592         inode->i_fop = files[i].ops;
1593         inode->i_ino = ++fsi->last_ino;
1594         d_add(dentry, inode);
1595     }
1596
1597     return 0;
1598 }

There are similar resource leaking functions:
Sel_make_bools
Sel_make_avc_files
Sel_make_initcon_files
Sel_make_perm_files
Sel_make_class_dir_entries
Sel_make_policycap
Sel_fill_super
Sel_make_policy_nodes
Sel_make_classes

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ