Message ID | 1337245412-22222-1-git-send-email-seed95@gmail.com |
---|---|
State | New, archived |
Headers | show |
On Thu, 2012-05-17 at 19:03 +1000, Sidney Amani wrote: > UBIFS leaks memory on error path in 'mount_ubifs()'. In case of failure in > 'ubifs_lpt_init()' or 'ubifs_fixup_free_space()', it does not call > 'ubifs_lpt_free()' whereas LPT data structures can potentially be allocated. > The amount of memory leaked can be quite high -- see 'ubifs_lpt_init()'. > > The bug was introduced when moving the LPT initialisation earlier in the > mount process (commit '781c5717a95a74b294beb38b8276943b0f8b5bb4'). > > CC: Ben Gardiner <bengardiner@nanometrics.ca> > Signed-off-by: Sidney Amani <seed95@gmail.com> I've replied to you with the counter-proposal patches which I think should fix this issue in a bit better way. Please, take a look - If you are fine with that, I can push it.
On Fri, May 18, 2012 at 9:38 PM, Artem Bityutskiy <dedekind1@gmail.com> wrote: > I've replied to you with the counter-proposal patches which I think > should fix this issue in a bit better way. Please, take a look - If you > are fine with that, I can push it. > Agreed, your set of patches is better. Cheers
diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c index 76e4e05..50216ec 100644 --- a/fs/ubifs/super.c +++ b/fs/ubifs/super.c @@ -1296,12 +1296,12 @@ static int mount_ubifs(struct ubifs_info *c) err = ubifs_lpt_init(c, 1, !c->ro_mount); if (err) - goto out_master; + goto out_lpt; if (!c->ro_mount && c->space_fixup) { err = ubifs_fixup_free_space(c); if (err) - goto out_master; + goto out_lpt; } if (!c->ro_mount) {
UBIFS leaks memory on error path in 'mount_ubifs()'. In case of failure in 'ubifs_lpt_init()' or 'ubifs_fixup_free_space()', it does not call 'ubifs_lpt_free()' whereas LPT data structures can potentially be allocated. The amount of memory leaked can be quite high -- see 'ubifs_lpt_init()'. The bug was introduced when moving the LPT initialisation earlier in the mount process (commit '781c5717a95a74b294beb38b8276943b0f8b5bb4'). CC: Ben Gardiner <bengardiner@nanometrics.ca> Signed-off-by: Sidney Amani <seed95@gmail.com> --- fs/ubifs/super.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-)