lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20241006072542.66442-2-t.v.s10123@gmail.com>
Date: Sun,  6 Oct 2024 12:55:43 +0530
From: Vishnu Sanal T <t.v.s10123@...il.com>
To: linux-kernel@...r.kernel.org
Cc: akpm@...ux-foundation.org,
	lasse.collin@...aani.org,
	Vishnu Sanal T <t.v.s10123@...il.com>
Subject: [PATCH] fix: possible memory leak in unxz()

Fixes possible memory leak in the function unxz() in
lib/decompress_unxz.c forgets to free the pointer 'in', when
the statement if (fill == NULL && flush == NULL) is true.

Signed-off-by: Vishnu Sanal T <t.v.s10123@...il.com>
---
 lib/decompress_unxz.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/decompress_unxz.c b/lib/decompress_unxz.c
index 32138bb8ef77..8d58207ca1db 100644
--- a/lib/decompress_unxz.c
+++ b/lib/decompress_unxz.c
@@ -343,13 +343,13 @@ STATIC int INIT unxz(unsigned char *in, long in_size,
 			}
 		} while (ret == XZ_OK);
 
-		if (must_free_in)
-			free(in);
-
 		if (flush != NULL)
 			free(b.out);
 	}
 
+	if (must_free_in)
+		free(in);
+
 	if (in_used != NULL)
 		*in_used += b.in_pos;
 
-- 
2.46.2


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ