[PATCH] KEYS: fix KEYCTL_INSTANTIATE_IOV error case memory leak

From: Tommi Rantala
Date: Fri Nov 02 2012 - 08:44:45 EST

Next message: Olof Johansson: "Re: [PATCH v2 1/1] Platform: x86: Add Chrome OS Laptop driver"
Previous message: Peter Senna Tschudin: "Re: [PATCH 1/2] Staging/media: fixed spacing coding style in go7007/wis-ov7640.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Avoid leaking memory in the keyctl() KEYCTL_INSTANTIATE_IOV operation, by also
checking in the error case if rw_copy_check_uvector() kmalloc'd memory for us.

Discovered with Trinity.

Signed-off-by: Tommi Rantala <tt.rantala@xxxxxxxxx>
---
security/keys/keyctl.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/security/keys/keyctl.c b/security/keys/keyctl.c
index 5d34b4e..a2c32a2 100644
--- a/security/keys/keyctl.c
+++ b/security/keys/keyctl.c
@@ -1132,12 +1132,13 @@ long keyctl_instantiate_key_iov(key_serial_t id,
ret = rw_copy_check_uvector(WRITE, _payload_iov, ioc,
ARRAY_SIZE(iovstack), iovstack, &iov);
if (ret < 0)
- return ret;
+ goto out;
if (ret == 0)
goto no_payload_free;

ret = keyctl_instantiate_key_common(id, iov, ioc, ret, ringid);

+out:
if (iov != iovstack)
kfree(iov);
return ret;
--
1.7.9.5

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Olof Johansson: "Re: [PATCH v2 1/1] Platform: x86: Add Chrome OS Laptop driver"
Previous message: Peter Senna Tschudin: "Re: [PATCH 1/2] Staging/media: fixed spacing coding style in go7007/wis-ov7640.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]