Re: [PATCH] squashfs: Avoid mem leak in squashfs_fill_super

From: Scott Guo
Date: Mon Aug 11 2025 - 22:13:02 EST


On 2025/8/12 6:35, Phillip Lougher wrote:


On 11/08/2025 07:19, scott_gzh@xxxxxxx wrote:
From: Scott GUO <scottzhguo@xxxxxxxxxxx>

If sb_min_blocksize returns 0, -EINVAL was returned without freeing
sb->s_fs_info, causing mem leak.

Fix it by goto failed_mount.


Thanks for spotting this, but, NACK to the patch.

A better fix is to call sb_min_blocksize and check the
return result before the memory is allocated.

OK, will send v2.

Phillip

Fixes: 734aa85390ea ("Squashfs: check return result of sb_min_blocksize")
Signed-off-by: Scott GUO <scottzhguo@xxxxxxxxxxx>
---
  fs/squashfs/super.c | 6 +++---
  1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/fs/squashfs/super.c b/fs/squashfs/super.c
index 992ea0e37257..7d501083b2e3 100644
--- a/fs/squashfs/super.c
+++ b/fs/squashfs/super.c
@@ -201,10 +201,12 @@ static int squashfs_fill_super(struct super_block *sb, struct fs_context *fc)
      msblk->panic_on_errors = (opts->errors == Opt_errors_panic);
+    err = -EINVAL;
+
      msblk->devblksize = sb_min_blocksize(sb, SQUASHFS_DEVBLK_SIZE);
      if (!msblk->devblksize) {
          errorf(fc, "squashfs: unable to set blocksize\n");
-        return -EINVAL;
+        goto failed_mount;
      }
      msblk->devblksize_log2 = ffz(~msblk->devblksize);
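
Review bot: The `goto failed_mount;` in the `!msblk->devblksize` branch sends a failure that happens before any of the later mount setup through the shared cleanup label, and the label's body is not visible in this hunk, so the patch needs to show that everything it releases is safe to release this early. The approach suggested in the thread avoids the question: call sb_min_blocksize() and check its result before the allocation, so the plain `return -EINVAL;` can stay and nothing needs freeing. If the goto is kept, setting `err = -EINVAL;` inside the branch next to the goto would be clearer than hoisting the assignment above the call.
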
@@ -227,8 +229,6 @@ static int squashfs_fill_super(struct super_block *sb, struct fs_context *fc)
          goto failed_mount;
      }
-    err = -EINVAL;
-
      /* Check it is a SQUASHFS superblock */
      sb->s_magic = le32_to_cpu(sblk->s_magic);
      if (sb->s_magic != SQUASHFS_MAGIC) {
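
Review bot: Dropping `err = -EINVAL;` just before the SQUASHFS_MAGIC check makes that check depend on an assignment made back at the sb_min_blocksize() call, with at least one other `goto failed_mount;` error path in between (visible in the context above). If anything in that span assigns `err`, the failure paths after this point would return that value instead of -EINVAL. Keep the assignment here and set `err` locally in the devblksize branch instead.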