[PATCH 2/2] fanotify: do not leak user reference on allocation failure

From: Eric Paris
Date: Wed Nov 24 2010 - 00:12:30 EST

Next message: Neil Brown: "Re: [PATCH] md: Fix single printks with multiple KERN_<level>s"
Previous message: Eric Paris: "[PATCH 1/2] inotify: stop kernel memory leak on file creation failure"
In reply to: Eric Paris: "[PATCH 1/2] inotify: stop kernel memory leak on file creation failure"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If fanotify_init is unable to allocate a new fsnotify group it will
return but will not drop its reference on the associated user struct.
Drop that reference on error.

Reported-by: Vegard Nossum <vegard.nossum@xxxxxxxxx>
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---
fs/notify/fanotify/fanotify_user.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
index a2538b6..eddad55 100644
--- a/fs/notify/fanotify/fanotify_user.c
+++ b/fs/notify/fanotify/fanotify_user.c
@@ -695,8 +695,10 @@ SYSCALL_DEFINE2(fanotify_init, unsigned int, flags, unsigned int, event_f_flags)

/* fsnotify_alloc_group takes a ref. Dropped in fanotify_release */
group = fsnotify_alloc_group(&fanotify_fsnotify_ops);
- if (IS_ERR(group))
+ if (IS_ERR(group)) {
+ free_uid(user);
return PTR_ERR(group);
+ }

group->fanotify_data.user = user;
atomic_inc(&user->fanotify_listeners);
--
1.7.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Neil Brown: "Re: [PATCH] md: Fix single printks with multiple KERN_<level>s"
Previous message: Eric Paris: "[PATCH 1/2] inotify: stop kernel memory leak on file creation failure"
In reply to: Eric Paris: "[PATCH 1/2] inotify: stop kernel memory leak on file creation failure"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]