From: Tommi Rantala <tt.rantala@gmail.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: davej@redhat.com, Bill Pemberton <wfp5p@virginia.edu>,
devel@driverdev.osuosl.org, linux-kernel@vger.kernel.org,
Tommi Rantala <tt.rantala@gmail.com>
Subject: [PATCH 1/2] staging: dgrp: use correct release op for /proc/dgrp/info
Date: Fri, 8 Feb 2013 13:41:25 +0200 [thread overview]
Message-ID: <1360323686-14845-1-git-send-email-tt.rantala@gmail.com> (raw)
Trinity (the syscall fuzzer) discovered that reading /proc/dgrp/info was
leaking some memory. Fix by using the correct release op in info_proc_file_ops.
unreferenced object 0xffff88003b6696e0 (size 32):
comm "cat", pid 2321, jiffies 4294705179 (age 29.434s)
hex dump (first 32 bytes):
40 79 1c 81 ff ff ff ff 60 79 1c 81 ff ff ff ff @y......`y......
50 79 1c 81 ff ff ff ff b0 62 89 81 ff ff ff ff Py.......b......
backtrace:
[<ffffffff81c7e3b1>] kmemleak_alloc+0x21/0x50
[<ffffffff811955cb>] kmem_cache_alloc_trace+0x11b/0x190
[<ffffffff811c87dc>] single_open+0x3c/0xc0
[<ffffffff81896495>] info_proc_open+0x15/0x20
[<ffffffff8120c6d7>] proc_reg_open+0xb7/0x160
[<ffffffff811a1a5c>] do_dentry_open+0x1cc/0x280
[<ffffffff811a296a>] finish_open+0x4a/0x60
[<ffffffff811b14d7>] do_last+0xb07/0xdb0
[<ffffffff811b1842>] path_openat+0xc2/0x4f0
[<ffffffff811b1cac>] do_filp_open+0x3c/0xa0
[<ffffffff811a2dcc>] do_sys_open+0x11c/0x1c0
[<ffffffff811a2e8c>] sys_open+0x1c/0x20
[<ffffffff81ca3d69>] system_call_fastpath+0x16/0x1b
[<ffffffffffffffff>] 0xffffffffffffffff
Signed-off-by: Tommi Rantala <tt.rantala@gmail.com>
---
drivers/staging/dgrp/dgrp_specproc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/dgrp/dgrp_specproc.c b/drivers/staging/dgrp/dgrp_specproc.c
index c214078..aff6707c 100644
--- a/drivers/staging/dgrp/dgrp_specproc.c
+++ b/drivers/staging/dgrp/dgrp_specproc.c
@@ -102,7 +102,7 @@ static struct file_operations info_proc_file_ops = {
.open = info_proc_open,
.read = seq_read,
.llseek = seq_lseek,
- .release = seq_release,
+ .release = single_release,
};
static struct file_operations nodeinfo_proc_file_ops = {
--
1.8.1
next reply other threads:[~2013-02-08 11:42 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-02-08 11:41 Tommi Rantala [this message]
2013-02-08 11:41 ` [PATCH 2/2] staging: dgrp: prefix function names with dgrp_ in dgrp_specproc.c Tommi Rantala
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1360323686-14845-1-git-send-email-tt.rantala@gmail.com \
--to=tt.rantala@gmail.com \
--cc=davej@redhat.com \
--cc=devel@driverdev.osuosl.org \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=wfp5p@virginia.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.