| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210907114105.2452-1-cymi20@fudan.edu.cn>
Date: Tue, 7 Sep 2021 19:41:05 +0800
From: Chenyuan Mi <cymi20@...an.edu.cn>
To: unlisted-recipients:; (no To-header on input)
Cc: yuanxzhang@...an.edu.cn, Chenyuan Mi <cymi20@...an.edu.cn>,
Xiyu Yang <xiyuyang19@...an.edu.cn>,
Xin Tan <tanxin.ctf@...il.com>,
Mike Marshall <hubcap@...ibond.com>,
Martin Brandenburg <martin@...ibond.com>,
devel@...ts.orangefs.org, linux-kernel@...r.kernel.org
Subject: [PATCH] orangefs: Fix sb refcount leak when allocate sb info failed.
The reference counting issue happens in one exception handling
path of orangefs_mount(). When failing to allocate sb info, the
function forgets to decrease the refcount of sb increased by
sget(), causing a refcount leak.
Fix this issue by jumping to the label "free_sb_and_op" instead
of "free_op"
Signed-off-by: Chenyuan Mi <cymi20@...an.edu.cn>
Signed-off-by: Xiyu Yang <xiyuyang19@...an.edu.cn>
Signed-off-by: Xin Tan <tanxin.ctf@...il.com>
---
fs/orangefs/super.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/orangefs/super.c b/fs/orangefs/super.c
index 2f2e430461b2..c46a9005fc44 100644
--- a/fs/orangefs/super.c
+++ b/fs/orangefs/super.c
@@ -526,7 +526,7 @@ struct dentry *orangefs_mount(struct file_system_type *fst,
sb->s_fs_info = kzalloc(sizeof(struct orangefs_sb_info_s), GFP_KERNEL);
if (!ORANGEFS_SB(sb)) {
d = ERR_PTR(-ENOMEM);
- goto free_op;
+ goto free_sb_and_op;
}
ret = orangefs_fill_sb(sb,
--
2.17.1
Powered by blists - more mailing lists