From: Dan Carpenter <dan.carpenter@oracle.com>
To: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
Cc: Chuck Lever <chuck.lever@oracle.com>,
Jeff Layton <jlayton@kernel.org>,
"J. Bruce Fields" <bfields@redhat.com>,
Scott Mayhew <smayhew@redhat.com>,
linux-kernel@vger.kernel.org, kernel-janitors@vger.kernel.org,
linux-nfs@vger.kernel.org
Subject: Re: [PATCH] nfsd: Fix a memory leak in an error handling path
Date: Fri, 26 Aug 2022 14:08:08 +0300 [thread overview]
Message-ID: <20220826110808.GE2071@kadam> (raw)
In-Reply-To: <122a5729fdcd76e23641c7d1853de2a632f6a742.1661509473.git.christophe.jaillet@wanadoo.fr>
On Fri, Aug 26, 2022 at 12:24:54PM +0200, Christophe JAILLET wrote:
> If this memdup_user() call fails, the memory allocated in a previous call
> a few lines above should be freed. Otherwise it leaks.
>
> Fixes: 6ee95d1c8991 ("nfsd: add support for upcall version 2")
> Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr>
> ---
> Speculative, untested.
> ---
> fs/nfsd/nfs4recover.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
> index b29d27eaa8a6..248ff9f4141c 100644
> --- a/fs/nfsd/nfs4recover.c
> +++ b/fs/nfsd/nfs4recover.c
> @@ -815,8 +815,10 @@ __cld_pipe_inprogress_downcall(const struct cld_msg_v2 __user *cmsg,
> princhash.data = memdup_user(
> &ci->cc_princhash.cp_data,
> princhashlen);
> - if (IS_ERR_OR_NULL(princhash.data))
> + if (IS_ERR_OR_NULL(princhash.data)) {
> + kfree(name.data);
> return -EFAULT;
This comment is not directed at you and is not related to your patch.
But memdup_user() never returns NULL, only error pointers. I wrote a
fifteen page blog entry about NULL vs error pointers the other week.
https://staticthinking.wordpress.com/2022/08/01/mixing-error-pointers-and-null/
This should propagate the error code from memdup_user() instead of
-EFAULT.
regards,
dan carpenter
next prev parent reply other threads:[~2022-08-26 11:08 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-26 10:24 [PATCH] nfsd: Fix a memory leak in an error handling path Christophe JAILLET
2022-08-26 10:41 ` Jeff Layton
2022-08-26 11:08 ` Dan Carpenter [this message]
2022-08-30 21:11 ` Chuck Lever III
2022-08-31 5:06 ` Christophe JAILLET
2022-08-31 5:44 ` Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220826110808.GE2071@kadam \
--to=dan.carpenter@oracle.com \
--cc=bfields@redhat.com \
--cc=christophe.jaillet@wanadoo.fr \
--cc=chuck.lever@oracle.com \
--cc=jlayton@kernel.org \
--cc=kernel-janitors@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=smayhew@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.