| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20251210090601.69688-1-lihaoxiang@isrc.iscas.ac.cn>
Date: Wed, 10 Dec 2025 17:06:01 +0800
From: Haoxiang Li <lihaoxiang@...c.iscas.ac.cn>
To: cem@...nel.org,
darrick.wong@...cle.com
Cc: linux-xfs@...r.kernel.org,
linux-kernel@...r.kernel.org,
Haoxiang Li <lihaoxiang@...c.iscas.ac.cn>,
stable@...r.kernel.org,
Christoph Hellwig <hch@....de>
Subject: [PATCH v2] xfs: Fix a memory leak in xfs_buf_item_init()
xfs_buf_item_get_format() may allocate memory for bip->bli_formats,
free the memory in the error path.
Fixes: c3d5f0c2fb85 ("xfs: complain if anyone tries to create a too-large buffer log item")
Cc: stable@...r.kernel.org
Signed-off-by: Haoxiang Li <lihaoxiang@...c.iscas.ac.cn>
Reviewed-by: Christoph Hellwig <hch@....de>
---
Changes in v2:
- Modify the patch subject. Thanks, Christoph!
---
fs/xfs/xfs_buf_item.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/xfs/xfs_buf_item.c b/fs/xfs/xfs_buf_item.c
index 8d85b5eee444..f4c5be67826e 100644
--- a/fs/xfs/xfs_buf_item.c
+++ b/fs/xfs/xfs_buf_item.c
@@ -896,6 +896,7 @@ xfs_buf_item_init(
map_size = DIV_ROUND_UP(chunks, NBWORD);
if (map_size > XFS_BLF_DATAMAP_SIZE) {
+ xfs_buf_item_free_format(bip);
kmem_cache_free(xfs_buf_item_cache, bip);
xfs_err(mp,
"buffer item dirty bitmap (%u uints) too small to reflect %u bytes!",
--
2.25.1
Powered by blists - more mailing lists