From: Bill O'Donnell <bodonnel@redhat.com>
To: Eric Sandeen <sandeen@sandeen.net>
Cc: "Darrick J. Wong" <djwong@kernel.org>,
linux-xfs@vger.kernel.org, cem@kernel.org
Subject: Re: [PATCH] xfs_db: release ip resource before returning from get_next_unlinked()
Date: Wed, 7 Aug 2024 12:35:55 -0500 [thread overview]
Message-ID: <ZrOwe4kzu88wVBrD@redhat.com> (raw)
In-Reply-To: <40fa60fa-b7f0-40c8-87d6-c083b028c6c2@sandeen.net>
On Wed, Aug 07, 2024 at 12:07:37PM -0500, Eric Sandeen wrote:
> On 8/5/24 9:42 AM, Bill O'Donnell wrote:
> > On Fri, Aug 02, 2024 at 04:23:00PM -0700, Darrick J. Wong wrote:
> >> On Fri, Aug 02, 2024 at 05:25:52PM -0500, Bill O'Donnell wrote:
> >>> Fix potential memory leak in function get_next_unlinked(). Call
> >>> libxfs_irele(ip) before exiting.
> >>>
> >>> Details:
> >>> Error: RESOURCE_LEAK (CWE-772):
> >>> xfsprogs-6.5.0/db/iunlink.c:51:2: alloc_arg: "libxfs_iget" allocates memory that is stored into "ip".
> >>> xfsprogs-6.5.0/db/iunlink.c:68:2: noescape: Resource "&ip->i_imap" is not freed or pointed-to in "libxfs_imap_to_bp".
> >>> xfsprogs-6.5.0/db/iunlink.c:76:2: leaked_storage: Variable "ip" going out of scope leaks the storage it points to.
> >>> # 74| libxfs_buf_relse(ino_bp);
> >>> # 75|
> >>> # 76|-> return ret;
> >>> # 77| bad:
> >>> # 78| dbprintf(_("AG %u agino %u: %s\n"), agno, agino, strerror(error));
> >>>
> >>> Signed-off-by: Bill O'Donnell <bodonnel@redhat.com>
> >>> ---
> >>> db/iunlink.c | 1 +
> >>> 1 file changed, 1 insertion(+)
> >>>
> >>> diff --git a/db/iunlink.c b/db/iunlink.c
> >>> index d87562e3..3b2417c5 100644
> >>> --- a/db/iunlink.c
> >>> +++ b/db/iunlink.c
> >>> @@ -72,6 +72,7 @@ get_next_unlinked(
> >>> dip = xfs_buf_offset(ino_bp, ip->i_imap.im_boffset);
> >>> ret = be32_to_cpu(dip->di_next_unlinked);
> >>> libxfs_buf_relse(ino_bp);
> >>> + libxfs_irele(ip);
> >>
> >> I think this needs to cover the error return for libxfs_imap_to_bp too,
> >> doesn't it?
> >
> > I considered that, but there are several places in the code where the
> > error return doesn't release the resource. Not that that's correct, but the
> > scans didn't flag them. For example, in bmap_inflate.c, bmapinflate_f()
> > does not release the resource and scans didn't flag it.
>
> Upstream coverity scan does flag it, CID 1554242 (that CID actually covers
> both instances of the leak).
Ah, thanks. I'll send a v2.
-Bill
> >>>
> >>> return ret;
> >>> bad:
> >>> --
> >>> 2.45.2
> >>>
> >>
> >
> >
>
prev parent reply other threads:[~2024-08-07 17:36 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-08-02 22:25 [PATCH] xfs_db: release ip resource before returning from get_next_unlinked() Bill O'Donnell
2024-08-02 23:23 ` Darrick J. Wong
2024-08-05 14:42 ` Bill O'Donnell
2024-08-05 15:48 ` Bill O'Donnell
2024-08-07 17:07 ` Eric Sandeen
2024-08-07 17:35 ` Bill O'Donnell [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZrOwe4kzu88wVBrD@redhat.com \
--to=bodonnel@redhat.com \
--cc=cem@kernel.org \
--cc=djwong@kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=sandeen@sandeen.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox