| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Y382Spkkzt+i86e8@codewreck.org>
Date: Thu, 24 Nov 2022 18:15:54 +0900
From: asmadeus@...ewreck.org
To: Wang Hai <wanghai38@...wei.com>
Cc: ericvh@...il.com, lucho@...kov.net, linux_oss@...debyte.com,
davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
pabeni@...hat.com, viro@...iv.linux.org.uk,
v9fs-developer@...ts.sourceforge.net, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org
Subject: Re: [PATCH net] net/9p: Fix a potential socket leak in p9_socket_open
Wang Hai wrote on Thu, Nov 24, 2022 at 04:10:05PM +0800:
> Both p9_fd_create_tcp() and p9_fd_create_unix() will call
> p9_socket_open(). If the creation of p9_trans_fd fails,
> p9_fd_create_tcp() and p9_fd_create_unix() will return an
> error directly instead of releasing the cscoket, which will
(typo, socket or csocket -- I'll fix this on applying)
> result in a socket leak.
>
> This patch adds sock_release() to fix the leak issue.
Thanks, it looks good to me.
A bit confusing that sock_alloc_files() calls sock_release() itself on
failure, but that means this one's safe at least...
> Fixes: 6b18662e239a ("9p connect fixes")
(the leak was present before that commit so I guess that's not really
correct -- but it might help figure out up to which point stable folks
will be able to backport so I guess it's useful either way)
--
Dominique
Powered by blists - more mailing lists