* [PATCH] ecryptfs: Fix refcnt leak on ecryptfs_follow_link() error path
@ 2010-01-11 18:36 OGAWA Hirofumi
2010-01-13 19:44 ` Al Viro
0 siblings, 1 reply; 4+ messages in thread
From: OGAWA Hirofumi @ 2010-01-11 18:36 UTC (permalink / raw)
To: Tyler Hicks, Dustin Kirkland; +Cc: ecryptfs-devel, linux-kernel, linux-fsdevel
If ->follow_link handler return the error, it should decrement
nd->path refcnt. But, ecryptfs_follow_link() doesn't decrement.
This patch fix it by using usual nd_set_link() style error handling,
instead of playing with nd->path.
Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
---
fs/ecryptfs/inode.c | 19 +++++++++----------
1 file changed, 9 insertions(+), 10 deletions(-)
diff -puN fs/ecryptfs/inode.c~namei-ecryptfs-follow_link-fix fs/ecryptfs/inode.c
--- linux-2.6/fs/ecryptfs/inode.c~namei-ecryptfs-follow_link-fix 2010-01-12 00:15:10.000000000 +0900
+++ linux-2.6-hirofumi/fs/ecryptfs/inode.c 2010-01-12 00:15:10.000000000 +0900
@@ -715,7 +715,7 @@ static void *ecryptfs_follow_link(struct
/* Released in ecryptfs_put_link(); only release here on error */
buf = kmalloc(len, GFP_KERNEL);
if (!buf) {
- rc = -ENOMEM;
+ buf = ERR_PTR(-ENOMEM);
goto out;
}
old_fs = get_fs();
@@ -723,23 +723,22 @@ static void *ecryptfs_follow_link(struct
rc = dentry->d_inode->i_op->readlink(dentry, (char __user *)buf, len);
set_fs(old_fs);
if (rc < 0)
- goto out_free;
+ buf = ERR_PTR(rc);
else
buf[rc] = '\0';
- rc = 0;
- nd_set_link(nd, buf);
- goto out;
-out_free:
- kfree(buf);
out:
- return ERR_PTR(rc);
+ nd_set_link(nd, buf);
+ return NULL;
}
static void
ecryptfs_put_link(struct dentry *dentry, struct nameidata *nd, void *ptr)
{
- /* Free the char* */
- kfree(nd_get_link(nd));
+ char *buf = nd_get_link(nd);
+ if (!IS_ERR(buf)) {
+ /* Free the char* */
+ kfree(buf);
+ }
}
/**
_
--
OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] ecryptfs: Fix refcnt leak on ecryptfs_follow_link() error path
2010-01-11 18:36 [PATCH] ecryptfs: Fix refcnt leak on ecryptfs_follow_link() error path OGAWA Hirofumi
@ 2010-01-13 19:44 ` Al Viro
2010-01-14 3:32 ` OGAWA Hirofumi
0 siblings, 1 reply; 4+ messages in thread
From: Al Viro @ 2010-01-13 19:44 UTC (permalink / raw)
To: OGAWA Hirofumi
Cc: Tyler Hicks, Dustin Kirkland, ecryptfs-devel, linux-kernel,
linux-fsdevel
On Tue, Jan 12, 2010 at 03:36:14AM +0900, OGAWA Hirofumi wrote:
>
> If ->follow_link handler return the error, it should decrement
> nd->path refcnt. But, ecryptfs_follow_link() doesn't decrement.
>
> This patch fix it by using usual nd_set_link() style error handling,
> instead of playing with nd->path.
Applied.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] ecryptfs: Fix refcnt leak on ecryptfs_follow_link() error path
2010-01-13 19:44 ` Al Viro
@ 2010-01-14 3:32 ` OGAWA Hirofumi
2010-01-14 3:43 ` Al Viro
0 siblings, 1 reply; 4+ messages in thread
From: OGAWA Hirofumi @ 2010-01-14 3:32 UTC (permalink / raw)
To: Al Viro
Cc: Tyler Hicks, Dustin Kirkland, ecryptfs-devel, linux-kernel,
linux-fsdevel
Al Viro <viro@ZenIV.linux.org.uk> writes:
> On Tue, Jan 12, 2010 at 03:36:14AM +0900, OGAWA Hirofumi wrote:
>>
>> If ->follow_link handler return the error, it should decrement
>> nd->path refcnt. But, ecryptfs_follow_link() doesn't decrement.
>>
>> This patch fix it by using usual nd_set_link() style error handling,
>> instead of playing with nd->path.
>
> Applied.
Sigh, sorry. I introduced new bug by this patch. Please apply this too.
--
OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
[PATCH] ecryptfs: Fix memory leak of buf in ecryptfs_follow_link()
Fix memory leak of buf in ecryptfs_follow_link() in recent my change.
Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
---
fs/ecryptfs/inode.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff -puN fs/ecryptfs/inode.c~namei-ecryptfs-follow_link-fix-fix fs/ecryptfs/inode.c
--- linux-2.6/fs/ecryptfs/inode.c~namei-ecryptfs-follow_link-fix-fix 2010-01-14 05:33:49.000000000 +0900
+++ linux-2.6-hirofumi/fs/ecryptfs/inode.c 2010-01-14 05:34:30.000000000 +0900
@@ -722,9 +722,10 @@ static void *ecryptfs_follow_link(struct
set_fs(get_ds());
rc = dentry->d_inode->i_op->readlink(dentry, (char __user *)buf, len);
set_fs(old_fs);
- if (rc < 0)
+ if (rc < 0) {
+ kfree(buf);
buf = ERR_PTR(rc);
- else
+ } else
buf[rc] = '\0';
out:
nd_set_link(nd, buf);
_
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] ecryptfs: Fix refcnt leak on ecryptfs_follow_link() error path
2010-01-14 3:32 ` OGAWA Hirofumi
@ 2010-01-14 3:43 ` Al Viro
0 siblings, 0 replies; 4+ messages in thread
From: Al Viro @ 2010-01-14 3:43 UTC (permalink / raw)
To: OGAWA Hirofumi
Cc: Tyler Hicks, Dustin Kirkland, ecryptfs-devel, linux-kernel,
linux-fsdevel
On Thu, Jan 14, 2010 at 12:32:13PM +0900, OGAWA Hirofumi wrote:
> Al Viro <viro@ZenIV.linux.org.uk> writes:
>
> > On Tue, Jan 12, 2010 at 03:36:14AM +0900, OGAWA Hirofumi wrote:
> >>
> >> If ->follow_link handler return the error, it should decrement
> >> nd->path refcnt. But, ecryptfs_follow_link() doesn't decrement.
> >>
> >> This patch fix it by using usual nd_set_link() style error handling,
> >> instead of playing with nd->path.
> >
> > Applied.
>
> Sigh, sorry. I introduced new bug by this patch. Please apply this too.
I'll fold it. BTW, while we are at it, there's a leak in configfs/symlink.c
get_target() as well ;-/
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2010-01-14 3:43 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-01-11 18:36 [PATCH] ecryptfs: Fix refcnt leak on ecryptfs_follow_link() error path OGAWA Hirofumi
2010-01-13 19:44 ` Al Viro
2010-01-14 3:32 ` OGAWA Hirofumi
2010-01-14 3:43 ` Al Viro
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).