mm-commits.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [nacked] sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address.patch removed from -mm tree
@ 2009-07-20 21:06 akpm
  0 siblings, 0 replies; only message in thread
From: akpm @ 2009-07-20 21:06 UTC (permalink / raw)
  To: xiaosuo, chris, mingo, mm-commits


The patch titled
     sys_pipe(): fix fd leak if pipe() is called with an invalid address
has been removed from the -mm tree.  Its filename was
     sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address.patch

This patch was dropped because it was nacked

The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/

------------------------------------------------------
Subject: sys_pipe(): fix fd leak if pipe() is called with an invalid address
From: Changli Gao <xiaosuo@gmail.com>

fd leak if pipe() is called with an invalid address.

Though -EFAULT is returned, the file descriptors opened by pipe() call are
left open.

Signed-off-by: Changli Gao <xiaosuo@gmail.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Christian Zankel <chris@zankel.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
---

 arch/x86/ia32/sys_ia32.c     |    5 ++++-
 arch/xtensa/kernel/syscall.c |    5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff -puN arch/x86/ia32/sys_ia32.c~sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address arch/x86/ia32/sys_ia32.c
--- a/arch/x86/ia32/sys_ia32.c~sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address
+++ a/arch/x86/ia32/sys_ia32.c
@@ -197,8 +197,11 @@ asmlinkage long sys32_pipe(int __user *f
 	retval = do_pipe_flags(fds, 0);
 	if (retval)
 		goto out;
-	if (copy_to_user(fd, fds, sizeof(fds)))
+	if (copy_to_user(fd, fds, sizeof(fds))) {
+		sys_close(fd[0]);
+		sys_close(fd[1]);
 		retval = -EFAULT;
+	}
 out:
 	return retval;
 }
diff -puN arch/xtensa/kernel/syscall.c~sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address arch/xtensa/kernel/syscall.c
--- a/arch/xtensa/kernel/syscall.c~sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address
+++ a/arch/xtensa/kernel/syscall.c
@@ -51,8 +51,11 @@ asmlinkage long xtensa_pipe(int __user *
 
 	error = do_pipe_flags(fd, 0);
 	if (!error) {
-		if (copy_to_user(userfds, fd, 2 * sizeof(int)))
+		if (copy_to_user(userfds, fd, 2 * sizeof(int))) {
+			sys_close(fd[0]);
+			sys_close(fd[1]);
 			error = -EFAULT;
+		}
 	}
 	return error;
 }
_

Patches currently in -mm which might be from xiaosuo@gmail.com are

sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address.patch
linux-next.patch


^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2009-07-20 21:06 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-07-20 21:06 [nacked] sys_pipe-fix-fd-leak-if-pipe-is-called-with-an-invalid-address.patch removed from -mm tree akpm

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).