| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y3+YqUbLXZ1ouynB@ZenIV>
Date: Thu, 24 Nov 2022 16:15:37 +0000
From: Al Viro <viro@...iv.linux.org.uk>
To: asmadeus@...ewreck.org
Cc: Wang Hai <wanghai38@...wei.com>, ericvh@...il.com,
lucho@...kov.net, linux_oss@...debyte.com, davem@...emloft.net,
edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com,
v9fs-developer@...ts.sourceforge.net, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org
Subject: Re: [PATCH net] net/9p: Fix a potential socket leak in p9_socket_open
On Thu, Nov 24, 2022 at 06:15:54PM +0900, asmadeus@...ewreck.org wrote:
> Wang Hai wrote on Thu, Nov 24, 2022 at 04:10:05PM +0800:
> > Both p9_fd_create_tcp() and p9_fd_create_unix() will call
> > p9_socket_open(). If the creation of p9_trans_fd fails,
> > p9_fd_create_tcp() and p9_fd_create_unix() will return an
> > error directly instead of releasing the cscoket, which will
>
> (typo, socket or csocket -- I'll fix this on applying)
>
> > result in a socket leak.
> >
> > This patch adds sock_release() to fix the leak issue.
>
> Thanks, it looks good to me.
> A bit confusing that sock_alloc_files() calls sock_release() itself on
> failure, but that means this one's safe at least...
sock_alloc_file() unconditionally consumes socket reference;
either it is transferred to new struct file it returns, or
it's dropped. Makes for simpler logics in callers...
FWIW,
ACKed-by: Al Viro <viro@...iv.linux.org.uk>
on the leak fix.
Powered by blists - more mailing lists