* [PATCH] ubifs: fix a memory leak bug
@ 2019-08-20 3:03 Wenwen Wang
0 siblings, 0 replies; 3+ messages in thread
From: Wenwen Wang @ 2019-08-20 3:03 UTC (permalink / raw)
To: Wenwen Wang
Cc: Richard Weinberger, Artem Bityutskiy, Adrian Hunter,
open list:UBI FILE SYSTEM (UBIFS),
open list
In read_znode(), the indexing node 'idx' is allocated by kmalloc().
However, it is not deallocated in the following execution if
ubifs_node_check_hash() fails, leading to a memory leak bug. To fix this
issue, free 'idx' before returning the error.
Signed-off-by: Wenwen Wang <wenwen@cs.uga.edu>
---
fs/ubifs/tnc_misc.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/ubifs/tnc_misc.c b/fs/ubifs/tnc_misc.c
index 6f293f6..49cb34c 100644
--- a/fs/ubifs/tnc_misc.c
+++ b/fs/ubifs/tnc_misc.c
@@ -284,6 +284,7 @@ static int read_znode(struct ubifs_info *c, struct ubifs_zbranch *zzbr,
err = ubifs_node_check_hash(c, idx, zzbr->hash);
if (err) {
ubifs_bad_hash(c, idx, zzbr->hash, lnum, offs);
+ kfree(idx);
return err;
}
--
2.7.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH] ubifs: fix a memory leak bug
@ 2019-08-20 4:44 Wenwen Wang
0 siblings, 0 replies; 3+ messages in thread
From: Wenwen Wang @ 2019-08-20 4:44 UTC (permalink / raw)
To: Wenwen Wang
Cc: Richard Weinberger, Artem Bityutskiy, Adrian Hunter,
open list:UBI FILE SYSTEM (UBIFS),
open list
In ubifs_mount(), 'c' is allocated through kzalloc() in alloc_ubifs_info().
However, it is not deallocated in the following execution if
ubifs_fill_super() fails, leading to a memory leak bug. To fix this issue,
free 'c' before going to the 'out_deact' label.
Signed-off-by: Wenwen Wang <wenwen@cs.uga.edu>
---
fs/ubifs/super.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
index 2c0803b..46e30e2 100644
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -2252,8 +2252,10 @@ static struct dentry *ubifs_mount(struct file_system_type *fs_type, int flags,
}
} else {
err = ubifs_fill_super(sb, data, flags & SB_SILENT ? 1 : 0);
- if (err)
+ if (err) {
+ kfree(c);
goto out_deact;
+ }
/* We do not support atime */
sb->s_flags |= SB_ACTIVE;
if (IS_ENABLED(CONFIG_UBIFS_ATIME_SUPPORT))
--
2.7.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH] ubifs: fix a memory leak bug
@ 2019-08-20 3:24 Wenwen Wang
0 siblings, 0 replies; 3+ messages in thread
From: Wenwen Wang @ 2019-08-20 3:24 UTC (permalink / raw)
To: Wenwen Wang
Cc: Richard Weinberger, Artem Bityutskiy, Adrian Hunter,
open list:UBI FILE SYSTEM (UBIFS),
open list
In __ubifs_node_verify_hmac(), 'hmac' is allocated through kmalloc().
However, it is not deallocated in the following execution if
ubifs_node_calc_hmac() fails, leading to a memory leak bug. To fix this
issue, free 'hmac' before returning the error.
Signed-off-by: Wenwen Wang <wenwen@cs.uga.edu>
---
fs/ubifs/auth.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/ubifs/auth.c b/fs/ubifs/auth.c
index d9af2de..8cdbd53 100644
--- a/fs/ubifs/auth.c
+++ b/fs/ubifs/auth.c
@@ -479,8 +479,10 @@ int __ubifs_node_verify_hmac(const struct ubifs_info *c, const void *node,
return -ENOMEM;
err = ubifs_node_calc_hmac(c, node, len, ofs_hmac, hmac);
- if (err)
+ if (err) {
+ kfree(hmac);
return err;
+ }
err = crypto_memneq(hmac, node + ofs_hmac, hmac_len);
--
2.7.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-08-20 4:44 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-08-20 3:03 [PATCH] ubifs: fix a memory leak bug Wenwen Wang
2019-08-20 3:24 Wenwen Wang
2019-08-20 4:44 Wenwen Wang
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).