From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp.codeaurora.org by pdx-caf-mail.web.codeaurora.org (Dovecot) with LMTP id 2v+5I7RTGVtwHwAAmS7hNA ; Thu, 07 Jun 2018 15:48:39 +0000 Received: by smtp.codeaurora.org (Postfix, from userid 1000) id 5D65B607E7; Thu, 7 Jun 2018 15:48:39 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on pdx-caf-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.9 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI autolearn=ham autolearn_force=no version=3.4.0 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by smtp.codeaurora.org (Postfix) with ESMTP id CD3C160590; Thu, 7 Jun 2018 15:48:38 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 smtp.codeaurora.org CD3C160590 Authentication-Results: pdx-caf-mail.web.codeaurora.org; dmarc=none (p=none dis=none) header.from=decadent.org.uk Authentication-Results: pdx-caf-mail.web.codeaurora.org; spf=none smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S934449AbeFGPsi (ORCPT + 25 others); Thu, 7 Jun 2018 11:48:38 -0400 Received: from shadbolt.e.decadent.org.uk ([88.96.1.126]:40535 "EHLO shadbolt.e.decadent.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932779AbeFGOkL (ORCPT ); Thu, 7 Jun 2018 10:40:11 -0400 Received: from [148.252.241.226] (helo=deadeye) by shadbolt.decadent.org.uk with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from ) id 1fQvbm-0005Zo-3z; Thu, 07 Jun 2018 15:09:46 +0100 Received: from ben by deadeye with local (Exim 4.91) (envelope-from ) id 1fQvb4-0002x2-Dh; Thu, 07 Jun 2018 15:09:02 +0100 Content-Type: text/plain; charset="UTF-8" Content-Disposition: inline Content-Transfer-Encoding: 8bit MIME-Version: 1.0 From: Ben Hutchings To: linux-kernel@vger.kernel.org, stable@vger.kernel.org CC: akpm@linux-foundation.org, "Steve French" , "Namjae Jeon" , "Ashish Sangwan" Date: Thu, 07 Jun 2018 15:05:21 +0100 Message-ID: X-Mailer: LinuxStableQueue (scripts by bwh) Subject: [PATCH 3.16 170/410] cifs: fix memory leak when password is supplied multiple times In-Reply-To: X-SA-Exim-Connect-IP: 148.252.241.226 X-SA-Exim-Mail-From: ben@decadent.org.uk X-SA-Exim-Scanned: No (on shadbolt.decadent.org.uk); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 3.16.57-rc1 review patch. If anyone has any objections, please let me know. ------------------ From: Namjae Jeon commit d6ccf4997e62fb6629f9f003980dca5292138b7b upstream. Unlikely but possible. When password is supplied multiple times, we have to free the previous allocation. Signed-off-by: Namjae Jeon Signed-off-by: Ashish Sangwan Signed-off-by: Steve French Signed-off-by: Ben Hutchings --- fs/cifs/connect.c | 2 ++ 1 file changed, 2 insertions(+) --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -1614,6 +1614,7 @@ cifs_parse_mount_options(const char *mou tmp_end++; if (!(tmp_end < end && tmp_end[1] == delim)) { /* No it is not. Set the password to NULL */ + kfree(vol->password); vol->password = NULL; break; } @@ -1651,6 +1652,7 @@ cifs_parse_mount_options(const char *mou options = end; } + kfree(vol->password); /* Now build new password string */ temp_len = strlen(value); vol->password = kzalloc(temp_len+1, GFP_KERNEL);