From: Namjae Jeon <linkinjeon@kernel.org>
To: gregkh@linuxfoundation.org, stable@vger.kernel.org, sashal@kernel.org
Cc: smfrench@gmail.com, Zongmin Zhou <zhouzongmin@kylinos.cn>,
kernel test robot <lkp@intel.com>,
Dan Carpenter <error27@gmail.com>,
Namjae Jeon <linkinjeon@kernel.org>,
Steve French <stfrench@microsoft.com>
Subject: [PATCH 6.6.y 08/19] ksmbd: prevent memory leak on error return
Date: Sun, 31 Dec 2023 16:19:08 +0900 [thread overview]
Message-ID: <20231231071919.32103-9-linkinjeon@kernel.org> (raw)
In-Reply-To: <20231231071919.32103-1-linkinjeon@kernel.org>
From: Zongmin Zhou <zhouzongmin@kylinos.cn>
[ Upstream commit 90044481e7cca6cb3125b3906544954a25f1309f ]
When allocated memory for 'new' failed,just return
will cause memory leak of 'ar'.
Fixes: 1819a9042999 ("ksmbd: reorganize ksmbd_iov_pin_rsp()")
Reported-by: kernel test robot <lkp@intel.com>
Reported-by: Dan Carpenter <error27@gmail.com>
Closes: https://lore.kernel.org/r/202311031837.H3yo7JVl-lkp@intel.com/
Signed-off-by: Zongmin Zhou<zhouzongmin@kylinos.cn>
Acked-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
---
fs/smb/server/ksmbd_work.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/fs/smb/server/ksmbd_work.c b/fs/smb/server/ksmbd_work.c
index a2ed441e837a..2510b9f3c8c1 100644
--- a/fs/smb/server/ksmbd_work.c
+++ b/fs/smb/server/ksmbd_work.c
@@ -106,7 +106,7 @@ static inline void __ksmbd_iov_pin(struct ksmbd_work *work, void *ib,
static int __ksmbd_iov_pin_rsp(struct ksmbd_work *work, void *ib, int len,
void *aux_buf, unsigned int aux_size)
{
- struct aux_read *ar;
+ struct aux_read *ar = NULL;
int need_iov_cnt = 1;
if (aux_size) {
@@ -123,8 +123,11 @@ static int __ksmbd_iov_pin_rsp(struct ksmbd_work *work, void *ib, int len,
new = krealloc(work->iov,
sizeof(struct kvec) * work->iov_alloc_cnt,
GFP_KERNEL | __GFP_ZERO);
- if (!new)
+ if (!new) {
+ kfree(ar);
+ work->iov_alloc_cnt -= 4;
return -ENOMEM;
+ }
work->iov = new;
}
--
2.25.1
next prev parent reply other threads:[~2023-12-31 7:20 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-31 7:19 [PATCH 6.6.y 00/19] ksmbd backport patches for linux-6.6.y Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 01/19] ksmbd: Remove unused field in ksmbd_user struct Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 02/19] ksmbd: reorganize ksmbd_iov_pin_rsp() Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 03/19] ksmbd: fix kernel-doc comment of ksmbd_vfs_setxattr() Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 04/19] ksmbd: fix missing RDMA-capable flag for IPoIB device in ksmbd_rdma_capable_netdev() Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 05/19] ksmbd: add support for surrogate pair conversion Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 06/19] ksmbd: no need to wait for binded connection termination at logoff Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 07/19] ksmbd: fix kernel-doc comment of ksmbd_vfs_kern_path_locked() Namjae Jeon
2023-12-31 7:19 ` Namjae Jeon [this message]
2023-12-31 7:19 ` [PATCH 6.6.y 09/19] ksmbd: separately allocate ci per dentry Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 10/19] ksmbd: move oplock handling after unlock parent dir Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 11/19] ksmbd: release interim response after sending status pending response Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 12/19] ksmbd: move setting SMB2_FLAGS_ASYNC_COMMAND and AsyncId Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 13/19] ksmbd: don't update ->op_state as OPLOCK_STATE_NONE on error Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 14/19] ksmbd: set epoch in create context v2 lease Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 15/19] ksmbd: set v2 lease capability Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 16/19] ksmbd: downgrade RWH lease caching state to RH for directory Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 17/19] ksmbd: send v2 lease break notification " Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 18/19] ksmbd: lazy v2 lease break on smb2_write() Namjae Jeon
2023-12-31 7:19 ` [PATCH 6.6.y 19/19] ksmbd: avoid duplicate opinfo_put() call on error of smb21_lease_break_ack() Namjae Jeon
2024-01-01 18:11 ` [PATCH 6.6.y 00/19] ksmbd backport patches for linux-6.6.y Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231231071919.32103-9-linkinjeon@kernel.org \
--to=linkinjeon@kernel.org \
--cc=error27@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=lkp@intel.com \
--cc=sashal@kernel.org \
--cc=smfrench@gmail.com \
--cc=stable@vger.kernel.org \
--cc=stfrench@microsoft.com \
--cc=zhouzongmin@kylinos.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox