| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210622060419.GA29360@lst.de>
Date: Tue, 22 Jun 2021 08:04:19 +0200
From: Christoph Hellwig <hch@....de>
To: Chung-Chiang Cheng <shepjeng@...il.com>
Cc: jlbec@...lplan.org, hch@....de, pantelis.antoniou@...sulko.com,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
Chung-Chiang Cheng <cccheng@...ology.com>
Subject: Re: [PATCH] configfs: fix memleak in configfs_release_bin_file
Hmm. The issue looks real, but I think we should just call the vfree
unconditionally given that the buffer structure is zeroed on allocation
and freed just after, and also remove the pointless clearing of all the
flags. Does something like this work for you?
diff --git a/fs/configfs/file.c b/fs/configfs/file.c
index 53913b84383a..1ab6afb84f04 100644
--- a/fs/configfs/file.c
+++ b/fs/configfs/file.c
@@ -393,11 +393,8 @@ static int configfs_release_bin_file(struct inode *inode, struct file *file)
{
struct configfs_buffer *buffer = file->private_data;
- buffer->read_in_progress = false;
-
if (buffer->write_in_progress) {
struct configfs_fragment *frag = to_frag(file);
- buffer->write_in_progress = false;
down_read(&frag->frag_sem);
if (!frag->frag_dead) {
@@ -407,13 +404,9 @@ static int configfs_release_bin_file(struct inode *inode, struct file *file)
buffer->bin_buffer_size);
}
up_read(&frag->frag_sem);
- /* vfree on NULL is safe */
- vfree(buffer->bin_buffer);
- buffer->bin_buffer = NULL;
- buffer->bin_buffer_size = 0;
- buffer->needs_read_fill = 1;
}
+ vfree(buffer->bin_buffer);
configfs_release(inode, file);
return 0;
}
Powered by blists - more mailing lists