Patchwork UBIFS: fix memory leak on error path

Submitter Sidney Amani
Date May 17, 2012, 9:03 a.m.
Message ID <1337245412-22222-1-git-send-email-seed95@gmail.com>
Permalink /patch/159852/
State New

Comments

Sidney Amani - May 17, 2012, 9:03 a.m.
UBIFS leaks memory on error path in 'mount_ubifs()'. In case of failure in
'ubifs_lpt_init()' or 'ubifs_fixup_free_space()', it does not call
'ubifs_lpt_free()' whereas LPT data structures can potentially be allocated.
The amount of memory leaked can be quite high -- see 'ubifs_lpt_init()'.

The bug was introduced when moving the LPT initialisation earlier in the
mount process (commit '781c5717a95a74b294beb38b8276943b0f8b5bb4').

CC: Ben Gardiner <bengardiner@nanometrics.ca>
Signed-off-by: Sidney Amani <seed95@gmail.com>
---
 fs/ubifs/super.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)
Artem Bityutskiy - May 18, 2012, 11:38 a.m.
On Thu, 2012-05-17 at 19:03 +1000, Sidney Amani wrote:
> UBIFS leaks memory on error path in 'mount_ubifs()'. In case of failure in
> 'ubifs_lpt_init()' or 'ubifs_fixup_free_space()', it does not call
> 'ubifs_lpt_free()' whereas LPT data structures can potentially be allocated.
> The amount of memory leaked can be quite high -- see 'ubifs_lpt_init()'.
> 
> The bug was introduced when moving the LPT initialisation earlier in the
> mount process (commit '781c5717a95a74b294beb38b8276943b0f8b5bb4').
> 
> CC: Ben Gardiner <bengardiner@nanometrics.ca>
> Signed-off-by: Sidney Amani <seed95@gmail.com>

I've replied to you with the counter-proposal patches which I think
should fix this issue in a bit better way. Please, take a look - If you
are fine with that, I can push it.
Sidney Amani - May 20, 2012, 5:49 a.m.
On Fri, May 18, 2012 at 9:38 PM, Artem Bityutskiy <dedekind1@gmail.com> wrote:
> I've replied to you with the counter-proposal patches which I think
> should fix this issue in a bit better way. Please, take a look - If you
> are fine with that, I can push it.
>

Agreed, your set of patches is better.

Cheers

Patch

diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
index 76e4e05..50216ec 100644
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -1296,12 +1296,12 @@  static int mount_ubifs(struct ubifs_info *c)
 
 	err = ubifs_lpt_init(c, 1, !c->ro_mount);
 	if (err)
-		goto out_master;
+		goto out_lpt;
 
 	if (!c->ro_mount && c->space_fixup) {
 		err = ubifs_fixup_free_space(c);
 		if (err)
-			goto out_master;
+			goto out_lpt;
 	}
 
 	if (!c->ro_mount) {
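
Review bot: the out_lpt label that both changed gotos now target lies outside this hunk, so its place in the unwind sequence of mount_ubifs() cannot be checked from here. It needs to call ubifs_lpt_free() and then fall through to the cleanup that out_master performed, otherwise the change trades the LPT leak for skipped master-node cleanup. At the first site (the `if (err)` after `ubifs_lpt_init(c, 1, !c->ro_mount)`), the teardown runs on an LPT that may be only partially set up, so please confirm that ubifs_lpt_free() tolerates members that were never allocated and that ubifs_lpt_init() does not already free anything on its own failure path, since that would turn the leak into a double free. A sentence in the commit message stating which of these holds would make the fix easier to verify.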