| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1566271490-8533-1-git-send-email-wenwen@cs.uga.edu>
Date: Mon, 19 Aug 2019 22:24:50 -0500
From: Wenwen Wang <wenwen@...uga.edu>
To: Wenwen Wang <wenwen@...uga.edu>
Cc: Richard Weinberger <richard@....at>,
Artem Bityutskiy <dedekind1@...il.com>,
Adrian Hunter <adrian.hunter@...el.com>,
linux-mtd@...ts.infradead.org (open list:UBI FILE SYSTEM (UBIFS)),
linux-kernel@...r.kernel.org (open list)
Subject: [PATCH] ubifs: fix a memory leak bug
In __ubifs_node_verify_hmac(), 'hmac' is allocated through kmalloc().
However, it is not deallocated in the following execution if
ubifs_node_calc_hmac() fails, leading to a memory leak bug. To fix this
issue, free 'hmac' before returning the error.
Signed-off-by: Wenwen Wang <wenwen@...uga.edu>
---
fs/ubifs/auth.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/ubifs/auth.c b/fs/ubifs/auth.c
index d9af2de..8cdbd53 100644
--- a/fs/ubifs/auth.c
+++ b/fs/ubifs/auth.c
@@ -479,8 +479,10 @@ int __ubifs_node_verify_hmac(const struct ubifs_info *c, const void *node,
return -ENOMEM;
err = ubifs_node_calc_hmac(c, node, len, ofs_hmac, hmac);
- if (err)
+ if (err) {
+ kfree(hmac);
return err;
+ }
err = crypto_memneq(hmac, node + ofs_hmac, hmac_len);
--
2.7.4
Powered by blists - more mailing lists