| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 Mar 2024 17:43:41 -0400
From: Alan Stern <stern@...land.harvard.edu>
To: Tejun Heo <tj@...nel.org>
Cc: Bart Van Assche <bvanassche@....org>,
Greg KH <gregkh@...uxfoundation.org>,
Kernel development list <linux-kernel@...r.kernel.org>
Subject: [PATCH] fs: sysfs: Fix reference leak in
sysfs_break_active_protection()
The sysfs_break_active_protection() routine has an obvious reference
leak in its error path. If the call to kernfs_find_and_get() fails then
kn will be NULL, so the companion sysfs_unbreak_active_protection()
routine won't get called (and would only cause an access violation by
trying to dereference kn->parent if it was called). As a result, the
reference to kobj acquired at the start of the function will never be
released.
Fix the leak by adding an explicit kobject_put() call when kn is NULL.
Signed-off-by: Alan Stern <stern@...land.harvard.edu>
Fixes: 2afc9166f79b ("scsi: sysfs: Introduce sysfs_{un,}break_active_protection()")
Cc: Bart Van Assche <bvanassche@....org>
Cc: <stable@...r.kernel.org>
---
fs/sysfs/file.c | 2 ++
1 file changed, 2 insertions(+)
Index: usb-devel/fs/sysfs/file.c
===================================================================
--- usb-devel.orig/fs/sysfs/file.c
+++ usb-devel/fs/sysfs/file.c
@@ -463,6 +463,8 @@ struct kernfs_node *sysfs_break_active_p
kn = kernfs_find_and_get(kobj->sd, attr->name);
if (kn)
kernfs_break_active_protection(kn);
+ else
+ kobject_put(kobj);
return kn;
}
EXPORT_SYMBOL_GPL(sysfs_break_active_protection);
Powered by blists - more mailing lists