| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Aug 2022 15:57:34 +0200
From: David Disseldorp <ddiss@...e.de>
To: Stanislav Goriainov <goriainov@...ras.ru>
Cc: Miklos Szeredi <miklos@...redi.hu>, linux-unionfs@...r.kernel.org,
linux-kernel@...r.kernel.org, ldv-project@...uxtesting.org
Subject: Re: [PATCH] ovl: Fix potential memory leak
On Mon, 22 Aug 2022 14:52:57 +0300, Stanislav Goriainov wrote:
> ovl: Fix potential memory leak in ovl_lookup()
>
> If memory for uperredirect was allocated with kstrdup()
> in upperdir != NULL and d.redirect != NULL path,
> it may be lost when upperredirect is reassigned later.
>
> Found by Linux Verification Center (linuxtesting.org) with SVACE.
>
> Signed-off-by: Stanislav Goriainov <goriainov@...ras.ru>
> ---
> fs/overlayfs/namei.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/fs/overlayfs/namei.c b/fs/overlayfs/namei.c
> index 69dc577974f8..226c69812379 100644
> --- a/fs/overlayfs/namei.c
> +++ b/fs/overlayfs/namei.c
> @@ -1085,6 +1085,7 @@ struct dentry *ovl_lookup(struct inode *dir, struct dentry *dentry,
> .mnt = ovl_upper_mnt(ofs),
> };
>
> + kfree(upperredirect);
> upperredirect = ovl_get_redirect_xattr(ofs, &upperpath, 0);
> if (IS_ERR(upperredirect)) {
> err = PTR_ERR(upperredirect);
This probably deserves a:
Fixes: 0a2d0d3f2f291 ("ovl: Check redirect on index as well")
Looks fine otherwise.
Reviewed-by: David Disseldorp <ddiss@...e.de>
Powered by blists - more mailing lists