From patchwork Thu May 17 09:03:32 2012
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sidney Amani <seed95@gmail.com>
X-Patchwork-Id: 159852
Return-Path: 
 <linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from merlin.infradead.org (merlin.infradead.org
	[IPv6:2001:4978:20e::2])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by ozlabs.org (Postfix) with ESMTPS id 17860B6FBD
	for <incoming@patchwork.ozlabs.org>;
	Thu, 17 May 2012 19:06:41 +1000 (EST)
Received: from localhost ([::1] helo=merlin.infradead.org)
	by merlin.infradead.org with esmtp (Exim 4.76 #1 (Red Hat Linux))
	id 1SUwdT-0000BO-TP; Thu, 17 May 2012 09:04:39 +0000
Received: from mail-pb0-f49.google.com ([209.85.160.49])
	by merlin.infradead.org with esmtps (Exim 4.76 #1 (Red Hat Linux))
	id 1SUwdR-0000B9-9I
	for linux-mtd@lists.infradead.org; Thu, 17 May 2012 09:04:37 +0000
Received: by pbbrq13 with SMTP id rq13so2582433pbb.36
	for <linux-mtd@lists.infradead.org>;
	Thu, 17 May 2012 02:04:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=from:to:cc:subject:date:message-id:x-mailer;
	bh=l3Xyw/gPLmHfMwTbL//PLEsrlMiwrphg+fvFLOOkWwU=;
	b=Ec4Hj7D9O2OYi+/+by8vICM4Qwsdx/nJmWU8x0Bt4GTdJuafVN7Kn9jG9R17i6/e+W
	xe2UvGhYXlPiDE/9NHqhwmIFigCkqAAtg/qMitNdvTc0oMZQ7HhScBZY3fs82+tk7pZI
	G57LGZRCG5c7K2WUfMUSnAQfqgz15w/j6XfXOghbVxEV3qx9hhDq/JAgX+ARvcAVZVGq
	IimOjwKQfHD8sWX8D233U0KGhR90sAUsghGG7GL3AiPFH0q7Bhc2fU8Gfcjse4noGt9R
	AblbkDQt4aczkRNfa4UDrJhsjkoI4T+FIIc7BjGvefAOda+4LWUGnfRjouq56Y4eEM5y
	i2tg==
Received: by 10.68.201.195 with SMTP id kc3mr25564431pbc.33.1337245474987;
	Thu, 17 May 2012 02:04:34 -0700 (PDT)
Received: from localhost.localdomain (vampire.ertos.nicta.com.au.
	[203.143.161.65]) by mx.google.com with ESMTPS id
	nd6sm8469816pbc.63.2012.05.17.02.04.32
	(version=TLSv1/SSLv3 cipher=OTHER);
	Thu, 17 May 2012 02:04:34 -0700 (PDT)
From: Sidney Amani <seed95@gmail.com>
To: linux-mtd@lists.infradead.org
Subject: [PATCH] UBIFS: fix memory leak on error path
Date: Thu, 17 May 2012 19:03:32 +1000
Message-Id: <1337245412-22222-1-git-send-email-seed95@gmail.com>
X-Mailer: git-send-email 1.7.5.4
X-Spam-Note: CRM114 invocation failed
X-Spam-Score: -2.5 (--)
X-Spam-Report: SpamAssassin version 3.3.2 on merlin.infradead.org summary:
	Content analysis details:   (-2.5 points)
	pts rule name              description
	---- ----------------------
	--------------------------------------------------
	-0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/,
	low trust [209.85.160.49 listed in list.dnswl.org]
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail
	provider (seed95[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends
	in digit (seed95[at]gmail.com)
	-1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
	[score: 0.0000]
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
Cc: Ben Gardiner <bengardiner@nanometrics.ca>,
	Sidney Amani <seed95@gmail.com>
X-BeenThere: linux-mtd@lists.infradead.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Linux MTD discussion mailing list <linux-mtd.lists.infradead.org>
List-Unsubscribe: <http://lists.infradead.org/mailman/options/linux-mtd>,
	<mailto:linux-mtd-request@lists.infradead.org?subject=unsubscribe>
List-Archive: <http://lists.infradead.org/pipermail/linux-mtd/>
List-Post: <mailto:linux-mtd@lists.infradead.org>
List-Help: <mailto:linux-mtd-request@lists.infradead.org?subject=help>
List-Subscribe: <http://lists.infradead.org/mailman/listinfo/linux-mtd>,
	<mailto:linux-mtd-request@lists.infradead.org?subject=subscribe>
MIME-Version: 1.0
Sender: linux-mtd-bounces@lists.infradead.org
Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

UBIFS leaks memory on error path in 'mount_ubifs()'. In case of failure in
'ubifs_lpt_init()' or 'ubifs_fixup_free_space()', it does not call
'ubifs_lpt_free()' whereas LPT data structures can potentially be allocated.
The amount of memory leaked can be quite high -- see 'ubifs_lpt_init()'.

The bug was introduced when moving the LPT initialisation earlier in the
mount process (commit '781c5717a95a74b294beb38b8276943b0f8b5bb4').

CC: Ben Gardiner <bengardiner@nanometrics.ca>
Signed-off-by: Sidney Amani <seed95@gmail.com>
---
 fs/ubifs/super.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c
index 76e4e05..50216ec 100644
--- a/fs/ubifs/super.c
+++ b/fs/ubifs/super.c
@@ -1296,12 +1296,12 @@ static int mount_ubifs(struct ubifs_info *c)
 
 	err = ubifs_lpt_init(c, 1, !c->ro_mount);
 	if (err)
-		goto out_master;
+		goto out_lpt;
 
 	if (!c->ro_mount && c->space_fixup) {
 		err = ubifs_fixup_free_space(c);
 		if (err)
-			goto out_master;
+			goto out_lpt;
 	}
 
 	if (!c->ro_mount) {