[PATCH] ext4: fix memory leak in ext4_ext_insert

public inbox for linux-ext4@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] ext4: fix memory leak in ext4_ext_insert_extent
@ 2008-06-19  7:54 Shen Feng
  2008-06-19 16:08 ` Aneesh Kumar K.V
  0 siblings, 1 reply; 2+ messages in thread
From: Shen Feng @ 2008-06-19  7:54 UTC (permalink / raw)
  To: linux-ext4, Mingming Cao, Aneesh Kumar K.V


In ext4_ext_insert_extent, when path is assigned by
npath, there is a memory leak and then path points to
a freed memory after the function returns becasue
npath and path point to the same memory address
and npath is freed.

Signed-off-by: Shen Feng <shen@cn.fujitsu.com>
---
 fs/ext4/extents.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
index 3f6be32..71a56f1 100644
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -1497,6 +1497,8 @@ repeat:
 		if (le16_to_cpu(eh->eh_entries) < le16_to_cpu(eh->eh_max)) {
 			ext_debug("next leaf isnt full(%d)\n",
 				  le16_to_cpu(eh->eh_entries));
+			ext4_ext_drop_refs(path);
+			kfree(path);
 			path = npath;
 			goto repeat;
 		}
@@ -1578,7 +1580,7 @@ merge:
 	err = ext4_ext_dirty(handle, inode, path + depth);
 
 cleanup:
-	if (npath) {
+	if (npath && npath != path) {
 		ext4_ext_drop_refs(npath);
 		kfree(npath);
 	}
-- 
1.5.5.1

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] ext4: fix memory leak in ext4_ext_insert_extent
  2008-06-19  7:54 [PATCH] ext4: fix memory leak in ext4_ext_insert_extent Shen Feng
@ 2008-06-19 16:08 ` Aneesh Kumar K.V
  0 siblings, 0 replies; 2+ messages in thread
From: Aneesh Kumar K.V @ 2008-06-19 16:08 UTC (permalink / raw)
  To: Shen Feng; +Cc: linux-ext4, Mingming Cao

On Thu, Jun 19, 2008 at 03:54:27PM +0800, Shen Feng wrote:
> 
> In ext4_ext_insert_extent, when path is assigned by
> npath, there is a memory leak and then path points to
> a freed memory after the function returns becasue
> npath and path point to the same memory address
> and npath is freed.


NACK. The  refs are dropped and path freed in the caller.
For example look at ext4_ext_get_blocks we drop the path reference
at

2741 out2:
2742         if (path) {
2743                 ext4_ext_drop_refs(path);
2744                 kfree(path);
2745         }

in ext4_ext_insert_extent we use npath as a local variable
and is freed toward the end.



> 
> Signed-off-by: Shen Feng <shen@cn.fujitsu.com>
> ---
>  fs/ext4/extents.c |    4 +++-
>  1 files changed, 3 insertions(+), 1 deletions(-)
> 
> diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
> index 3f6be32..71a56f1 100644
> --- a/fs/ext4/extents.c
> +++ b/fs/ext4/extents.c
> @@ -1497,6 +1497,8 @@ repeat:
>  		if (le16_to_cpu(eh->eh_entries) < le16_to_cpu(eh->eh_max)) {
>  			ext_debug("next leaf isnt full(%d)\n",
>  				  le16_to_cpu(eh->eh_entries));
> +			ext4_ext_drop_refs(path);
> +			kfree(path);
>  			path = npath;
>  			goto repeat;
>  		}
> @@ -1578,7 +1580,7 @@ merge:
>  	err = ext4_ext_dirty(handle, inode, path + depth);
> 
>  cleanup:
> -	if (npath) {
> +	if (npath && npath != path) {
>  		ext4_ext_drop_refs(npath);
>  		kfree(npath);
>  	}
> -- 
> 1.5.5.1

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2008-06-19 16:09 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-06-19  7:54 [PATCH] ext4: fix memory leak in ext4_ext_insert_extent Shen Feng
2008-06-19 16:08 ` Aneesh Kumar K.V

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox