From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.7 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 19748C48BDF for ; Fri, 18 Jun 2021 07:59:37 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id EBE7361396 for ; Fri, 18 Jun 2021 07:59:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232603AbhFRIBo (ORCPT ); Fri, 18 Jun 2021 04:01:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41910 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232455AbhFRIBm (ORCPT ); Fri, 18 Jun 2021 04:01:42 -0400 Received: from mail-pg1-x533.google.com (mail-pg1-x533.google.com [IPv6:2607:f8b0:4864:20::533]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6A363C061574; Fri, 18 Jun 2021 00:59:32 -0700 (PDT) Received: by mail-pg1-x533.google.com with SMTP id e33so7153396pgm.3; Fri, 18 Jun 2021 00:59:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=dO9vd7sYPzUkbEGL9cf5HXTiOWzCKdLCgZPTGvHdqSI=; b=qf3WPuQbi1rO7hQHqHTLHqAPpN4YDpZI4MQmpdNeabsd9uDI+8MRBjKHkqKV9baqxA UjRcsfV5si/2LZrZVEgALCDmdsaQrFMOJNACRjQj+vaIF01Iqd1Q2yZi7QtjhzK4FiTS 2FS2OC11ZqzX0eVVOlTO8Ix15oRpHN2wsNxP26BAMvo3dMgS9Y5l75qeb04f8wsd0UvN 7Snw/QtYpxmbSR3LQT6Du+1r9ZIguTpvTkh/1X5/zLQfLplXWAaXs37U8r73IYw4m5U2 n3THln3WKLX2pZvZvh2kKOJE0WCnIJRZGD2xpnvznjPPgFurNnU4hroCUfARYkkMDRb+ AaFA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=dO9vd7sYPzUkbEGL9cf5HXTiOWzCKdLCgZPTGvHdqSI=; b=uPqxXsfw8TRQtQvHo7olB29SPh1faJriQGHQ4MPgF+/m9rK7ZJ1a/g1GPQ/Ila7kUt i8ZjuD+G2m62ZyQeOe2/R+se1d48ECy98hS24Nvaq9ocCsX1WUf+zgEIq4McMiobZTM5 B7oRsoTkg+Z8Je08fgj7chH2Jpj4cgnlph0pzYXlLp9OtSUj8lF7FHKQVmSR7ztIoPiM OVS4ZY/pYPW9Cp7XWKK93cAmq4HuSODr4pybi3QvtaIOsJvH3LOEynTkA7uWCxDL+B/8 khOXoBw3IkwoQEQ8zFSOGCNBlCjPv3a3XpfaWwmX9b76pcbkIz0A3m3rf1lJAiFW9pRY l5Vw== X-Gm-Message-State: AOAM533fxf5ypRkztgZzntY+5NsUHG6SwhsdN1HH7w0MBAGKkXI0jzxZ HPvhgiKnXDz157fCPq/Zhjc= X-Google-Smtp-Source: ABdhPJz3JwXH7zCmtl+3Mwn2iiW+9nGV+M6hL+pXbQoAcV1YDSC/sGIlPqhT47so8g9ez5/9OElq6w== X-Received: by 2002:a05:6a00:1789:b029:2f4:cb41:ec1d with SMTP id s9-20020a056a001789b02902f4cb41ec1dmr3805646pfg.3.1624003171965; Fri, 18 Jun 2021 00:59:31 -0700 (PDT) Received: from localhost.localdomain (220-130-175-235.HINET-IP.hinet.net. [220.130.175.235]) by smtp.gmail.com with ESMTPSA id 195sm412598pfw.133.2021.06.18.00.59.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 18 Jun 2021 00:59:31 -0700 (PDT) From: Chung-Chiang Cheng X-Google-Original-From: Chung-Chiang Cheng To: jlbec@evilplan.org, hch@lst.de, pantelis.antoniou@konsulko.com Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, Chung-Chiang Cheng Subject: [PATCH] configfs: fix memleak in configfs_release_bin_file Date: Fri, 18 Jun 2021 15:59:25 +0800 Message-Id: <20210618075925.803052-1-cccheng@synology.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org When reading binary attributes in progress, buffer->bin_buffer is setup in configfs_read_bin_file() but never freed. Fixes: 03607ace807b4 ("configfs: implement binary attributes") Signed-off-by: Chung-Chiang Cheng --- fs/configfs/file.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/fs/configfs/file.c b/fs/configfs/file.c index e26060dae70a..cdd23f4a51c8 100644 --- a/fs/configfs/file.c +++ b/fs/configfs/file.c @@ -466,9 +466,13 @@ static int configfs_release_bin_file(struct inode *inode, struct file *file) { struct configfs_buffer *buffer = file->private_data; - buffer->read_in_progress = false; - - if (buffer->write_in_progress) { + if (buffer->read_in_progress) { + buffer->read_in_progress = false; + vfree(buffer->bin_buffer); + buffer->bin_buffer = NULL; + buffer->bin_buffer_size = 0; + buffer->needs_read_fill = 1; + } else if (buffer->write_in_progress) { struct configfs_fragment *frag = to_frag(file); buffer->write_in_progress = false; -- 2.25.1