Tiger Yang
2011-May-30 06:39 UTC
[Ocfs2-devel] [PATCH 1/1] ocfs2: free memory allocated by security_inode_init_security
The LSM security_inode_init_security() hook allocates memory for xattr name and value, expecting the caller to release the memory afterwards. reported-by: Mimi Zohar <zohar at linux.vnet.ibm.com> Signed-off-by: Tiger Yang <tiger.yang at oracle.com> --- fs/ocfs2/xattr.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c index 81ecf9c..e9b031e 100644 --- a/fs/ocfs2/xattr.c +++ b/fs/ocfs2/xattr.c @@ -7215,6 +7215,8 @@ int ocfs2_init_security_and_acl(struct inode *dir, ocfs2_inode_unlock(dir, 0); brelse(dir_bh); + kfree(si.name); + kfree(si.value); leave: return ret; } -- 1.7.4.4
Mimi Zohar
2011-May-30 09:54 UTC
[Ocfs2-devel] [PATCH 1/1] ocfs2: free memory allocated by security_inode_init_security
On Mon, 2011-05-30 at 14:39 +0800, Tiger Yang wrote:> The LSM security_inode_init_security() hook allocates memory > for xattr name and value, expecting the caller to release > the memory afterwards. > > reported-by: Mimi Zohar <zohar at linux.vnet.ibm.com> > Signed-off-by: Tiger Yang <tiger.yang at oracle.com>Hi Tiger, Thanks for taking a look. For the normal case, the memory is now freed, but not on failure. thanks, Mimi> --- > fs/ocfs2/xattr.c | 2 ++ > 1 files changed, 2 insertions(+), 0 deletions(-) > > diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c > index 81ecf9c..e9b031e 100644 > --- a/fs/ocfs2/xattr.c > +++ b/fs/ocfs2/xattr.c > @@ -7215,6 +7215,8 @@ int ocfs2_init_security_and_acl(struct inode *dir, > > ocfs2_inode_unlock(dir, 0); > brelse(dir_bh); > + kfree(si.name); > + kfree(si.value); > leave: > return ret; > }
Tiger Yang
2011-May-31 16:44 UTC
[Ocfs2-devel] [PATCH 1/1] ocfs2: free memory allocated by security_inode_init_security
Mimi Zohar wrote:> Thanks for taking a look. For the normal case, the memory is now freed, > but not on failure. >Hi, Mini, Thanks point it out, I will resend the patch. Regards, Tiger
Sunil Mushran
2011-May-31 17:13 UTC
[Ocfs2-devel] [PATCH 1/1] ocfs2: free memory allocated by security_inode_init_security
On 05/30/2011 02:54 AM, Mimi Zohar wrote:> On Mon, 2011-05-30 at 14:39 +0800, Tiger Yang wrote: >> The LSM security_inode_init_security() hook allocates memory >> for xattr name and value, expecting the caller to release >> the memory afterwards. >> >> reported-by: Mimi Zohar<zohar at linux.vnet.ibm.com> >> Signed-off-by: Tiger Yang<tiger.yang at oracle.com> > Hi Tiger, > > Thanks for taking a look. For the normal case, the memory is now freed, > but not on failure. > > thanks, > > MimiMove the frees below leave. And just to be safe, specifically init .name and .value to null while declaring.>> --- >> fs/ocfs2/xattr.c | 2 ++ >> 1 files changed, 2 insertions(+), 0 deletions(-) >> >> diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c >> index 81ecf9c..e9b031e 100644 >> --- a/fs/ocfs2/xattr.c >> +++ b/fs/ocfs2/xattr.c >> @@ -7215,6 +7215,8 @@ int ocfs2_init_security_and_acl(struct inode *dir, >> >> ocfs2_inode_unlock(dir, 0); >> brelse(dir_bh); >> + kfree(si.name); >> + kfree(si.value); >> leave: >> return ret; >> } > > > _______________________________________________ > Ocfs2-devel mailing list > Ocfs2-devel at oss.oracle.com > http://oss.oracle.com/mailman/listinfo/ocfs2-devel