pstore: Fix leaked pstore_record in pstore_get_backend_records()
author Douglas Anderson <dianders@chromium.org>
Tue, 30 May 2017 22:50:38 +0000 (15:50 -0700)
committer Kees Cook <keescook@chromium.org>
Wed, 31 May 2017 17:10:09 +0000 (10:10 -0700)
When the "if (record->size <= 0)" test is true in
pstore_get_backend_records() it's pretty clear that nobody holds a
reference to the allocated pstore_record, yet we don't free it.

Let's free it.

Fixes: 2a2b0acf768c ("pstore: Allocate records on heap instead of stack")
Signed-off-by: Douglas Anderson <dianders@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: stable@vger.kernel.org
fs/pstore/platform.c

index b3045530dd4efa794194468c3447fc19cebdebd1..4c5cd93684607516c7abbf90b996d110a52071bc 100644 (file)
@@ -849,8 +849,10 @@ void pstore_get_backend_records(struct pstore_info *psi,
                record->size = psi->read(record);
 
                /* No more records left in backend? */
-               if (record->size <= 0)
+               if (record->size <= 0) {
+                       kfree(record);
                        break;
+               }
 
                decompress_record(record);
                rc = pstore_mkfile(root, record);
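
Review bot: In the new `if (record->size <= 0) {` branch only the record structure itself is released, and that branch is taken for a negative return from `psi->read(record)` as well as for zero. If a backend's read callback can attach an allocation to the record before returning a non-positive size, `kfree(record);` alone would still leak it, so please confirm that no backend does that, or release those members here too. The existing comment "No more records left in backend?" describes only the zero case; a short mention that error returns also land here would make the free easier to audit.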