From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: Justin Forbes <jmforbes@linuxtx.org>,
Zwane Mwaikambo <zwane@arm.linux.org.uk>,
"Theodore Ts'o" <tytso@mit.edu>,
Randy Dunlap <rdunlap@xenotime.net>,
Chuck Wolber <chuckw@quantumlinux.com>,
torvalds@osdl.org, akpm@osdl.org, alan@lxorguk.ukuu.org.uk,
viro@ftp.linux.org.uk
Subject: [patch 6/7] Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
Date: Fri, 7 Oct 2005 16:55:00 -0700 [thread overview]
Message-ID: <20051007235500.GG23111@kroah.com> (raw)
In-Reply-To: <20051007235353.GA23111@kroah.com>
[-- Attachment #1: plug-names_cache-memleak.patch --]
[-- Type: text/plain, Size: 1373 bytes --]
From: Linus Torvalds <torvalds@osdl.org>
Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
The nameidata "last.name" is always allocated with "__getname()", and
should always be free'd with "__putname()".
Using "putname()" without the underscores will leak memory, because the
allocation will have been hidden from the AUDITSYSCALL code.
Arguably the real bug is that the AUDITSYSCALL code is really broken,
but in the meantime this fixes the problem people see.
Reported by Robert Derr, patch by Rick Lindsley.
Acked-by: Al Viro <viro@ftp.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
fs/namei.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--- linux-2.6.13.y.orig/fs/namei.c
+++ linux-2.6.13.y/fs/namei.c
@@ -1557,19 +1557,19 @@ do_link:
if (nd->last_type != LAST_NORM)
goto exit;
if (nd->last.name[nd->last.len]) {
- putname(nd->last.name);
+ __putname(nd->last.name);
goto exit;
}
error = -ELOOP;
if (count++==32) {
- putname(nd->last.name);
+ __putname(nd->last.name);
goto exit;
}
dir = nd->dentry;
down(&dir->d_inode->i_sem);
path.dentry = __lookup_hash(&nd->last, nd->dentry, nd);
path.mnt = nd->mnt;
- putname(nd->last.name);
+ __putname(nd->last.name);
goto do_last;
}
--
next prev parent reply other threads:[~2005-10-07 23:55 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20051007234348.631583000@press.kroah.org>
2005-10-07 23:53 ` [patch 0/7] -stable review Greg KH
2005-10-07 23:54 ` [patch 1/7] ieee1394/sbp2: fixes for hot-unplug and module unloading Greg KH
2005-10-08 0:18 ` Grant Coady
2005-10-08 0:21 ` [stable] " Chris Wright
2005-10-08 10:18 ` Stefan Richter
2005-10-07 23:54 ` [patch 2/7] orinoco: Information leakage due to incorrect padding Greg KH
2005-10-07 23:54 ` [patch 3/7] [TCP]: BIC coding bug in Linux 2.6.13 Greg KH
2005-10-07 23:54 ` [patch 4/7] sysfs: Signedness problem Greg KH
2005-10-08 0:02 ` Dave Jones
2005-10-08 0:07 ` [stable] " Greg KH
2005-10-08 0:12 ` Chris Wright
2005-10-08 0:14 ` Dave Jones
2005-10-08 0:08 ` Chris Wright
2005-10-07 23:54 ` [patch 5/7] Fix userland FPU state corruption Greg KH
2005-10-07 23:55 ` Greg KH [this message]
2005-10-07 23:55 ` [patch 7/7] key: plug request_key_auth memleak Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20051007235500.GG23111@kroah.com \
--to=gregkh@suse.de \
--cc=akpm@osdl.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=chuckw@quantumlinux.com \
--cc=jmforbes@linuxtx.org \
--cc=linux-kernel@vger.kernel.org \
--cc=rdunlap@xenotime.net \
--cc=stable@kernel.org \
--cc=torvalds@osdl.org \
--cc=tytso@mit.edu \
--cc=viro@ftp.linux.org.uk \
--cc=zwane@arm.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox