* [PATCH] KEYS: fix KEYCTL_INSTANTIATE_IOV error case memory leak
@ 2012-11-02 12:34 Tommi Rantala
0 siblings, 0 replies; only message in thread
From: Tommi Rantala @ 2012-11-02 12:34 UTC (permalink / raw)
To: linux-kernel
Cc: Dave Jones, Tommi Rantala, David Howells, James Morris, keyrings,
linux-security-module
Avoid leaking memory in the keyctl() KEYCTL_INSTANTIATE_IOV operation, by also
checking in the error case if rw_copy_check_uvector() kmalloc'd memory for us.
Discovered with Trinity.
Signed-off-by: Tommi Rantala <tt.rantala@gmail.com>
---
security/keys/keyctl.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 5d34b4e..a2c32a2 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -1132,12 +1132,13 @@ long keyctl_instantiate_key_iov(key_serial_t id,
ret = rw_copy_check_uvector(WRITE, _payload_iov, ioc,
ARRAY_SIZE(iovstack), iovstack, &iov);
if (ret < 0)
- return ret;
+ goto out;
if (ret == 0)
goto no_payload_free;
ret = keyctl_instantiate_key_common(id, iov, ioc, ret, ringid);
+out:
if (iov != iovstack)
kfree(iov);
return ret;
--
1.7.9.5
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2012-11-02 12:44 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-11-02 12:34 [PATCH] KEYS: fix KEYCTL_INSTANTIATE_IOV error case memory leak Tommi Rantala
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.