* [nacked] sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address.patch removed from -mm tree
@ 2009-07-20 21:06 akpm
0 siblings, 0 replies; only message in thread
From: akpm @ 2009-07-20 21:06 UTC (permalink / raw)
To: xiaosuo, chris, mingo, mm-commits
The patch titled
sys_pipe(): fix fd leak if pipe() is called with an invalid address
has been removed from the -mm tree. Its filename was
sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address.patch
This patch was dropped because it was nacked
The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/
------------------------------------------------------
Subject: sys_pipe(): fix fd leak if pipe() is called with an invalid address
From: Changli Gao <xiaosuo@gmail.com>
fd leak if pipe() is called with an invalid address.
Though -EFAULT is returned, the file descriptors opened by pipe() call are
left open.
Signed-off-by: Changli Gao <xiaosuo@gmail.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Christian Zankel <chris@zankel.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---
arch/x86/ia32/sys_ia32.c | 5 ++++-
arch/xtensa/kernel/syscall.c | 5 ++++-
2 files changed, 8 insertions(+), 2 deletions(-)
diff -puN arch/x86/ia32/sys_ia32.c~sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address arch/x86/ia32/sys_ia32.c
--- a/arch/x86/ia32/sys_ia32.c~sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address
+++ a/arch/x86/ia32/sys_ia32.c
@@ -197,8 +197,11 @@ asmlinkage long sys32_pipe(int __user *f
retval = do_pipe_flags(fds, 0);
if (retval)
goto out;
- if (copy_to_user(fd, fds, sizeof(fds)))
+ if (copy_to_user(fd, fds, sizeof(fds))) {
+ sys_close(fd[0]);
+ sys_close(fd[1]);
retval = -EFAULT;
+ }
out:
return retval;
}
diff -puN arch/xtensa/kernel/syscall.c~sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address arch/xtensa/kernel/syscall.c
--- a/arch/xtensa/kernel/syscall.c~sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address
+++ a/arch/xtensa/kernel/syscall.c
@@ -51,8 +51,11 @@ asmlinkage long xtensa_pipe(int __user *
error = do_pipe_flags(fd, 0);
if (!error) {
- if (copy_to_user(userfds, fd, 2 * sizeof(int)))
+ if (copy_to_user(userfds, fd, 2 * sizeof(int))) {
+ sys_close(fd[0]);
+ sys_close(fd[1]);
error = -EFAULT;
+ }
}
return error;
}
_
Patches currently in -mm which might be from xiaosuo@gmail.com are
sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address.patch
linux-next.patch
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2009-07-20 21:06 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-07-20 21:06 [nacked] sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address.patch removed from -mm tree akpm
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).