[PATCH] 2.1 / 2.2 NTFS driver memory leak fix

Steve Dodd (dirk@loth.demon.co.uk)
Thu, 21 Jan 1999 07:14:58 +0000

--qDbXVdCdHGoSgWSk
Content-Type: text/plain; charset=us-ascii

Hi all,

This fixes *a* memory leak in the ntfs driver. There seem to be more - I don't
know how many :)

Cheers,
Steve

-- 
We are Linux. Resistance is an indication that you missed the point.


--qDbXVdCdHGoSgWSk
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="ntfs-mem-fix.patch"


diff -ur vanilla/fs/ntfs/attr.c linux/fs/ntfs/attr.c
--- vanilla/fs/ntfs/attr.c	Sun Jan  3 17:23:02 1999
+++ linux/fs/ntfs/attr.c	Thu Jan 21 06:36:01 1999
@@ -19,7 +19,8 @@
 
 /* Look if an attribute already exists in the inode, and if not, create it */
 static int 
-new_attr(ntfs_inode *ino,int type,void *name,int namelen,int *pos, int *found)
+new_attr(ntfs_inode *ino,int type,void *name,int namelen,int *pos, int *found,
+			int do_search )
 {
 	int do_insert=0;
 	int i;
@@ -28,15 +29,17 @@
 	{
 		int n=min(namelen,ino->attrs[i].namelen);
 		int s=ntfs_uni_strncmp(ino->attrs[i].name,name,n);
-		/*
-		 * We assume that each attribute can be uniquely 
-		 * identified by inode
-		 * number, attribute type and attribute name.
-		 */
-		if(ino->attrs[i].type==type && ino->attrs[i].namelen==namelen && !s){
-			*found=1;
-			*pos=i;
-			return 0;
+		if( do_search ) {
+			/*
+			 * We assume that each attribute can be uniquely 
+			 * identified by inode
+			 * number, attribute type and attribute name.
+			 */
+			if(ino->attrs[i].type==type && ino->attrs[i].namelen==namelen && !s){
+				*found=1;
+				*pos=i;
+				return 0;
+			}
 		}
 		/* attributes are ordered by type, then by name */
 		if(ino->attrs[i].type>type || (ino->attrs[i].type==type && s==1)){
@@ -59,6 +62,7 @@
 	if(do_insert)
 		ntfs_memmove(ino->attrs+i+1,ino->attrs+i,(ino->attr_count-i)*
 			    sizeof(ntfs_attribute));
+
 	ino->attr_count++;
 	ino->attrs[i].type=type;
 	ino->attrs[i].namelen=namelen;
@@ -208,8 +212,10 @@
 		v=attr->d.data;
 		if(newsize){
 			attr->d.data=ntfs_malloc(newsize);
-			if(!attr->d.data)
+			if(!attr->d.data) {
+				ntfs_free(v);
 				return ENOMEM;
+			}
 			if(newsize>oldsize)
 				ntfs_bzero((char*)attr->d.data+oldsize,
 					   newsize-oldsize);
@@ -284,7 +290,7 @@
 		name=0;
 		namelen=0;
 	}
-	new_attr(ino,anum,name,namelen,&i,&found);
+	new_attr(ino,anum,name,namelen,&i,&found,1);
 	if(found){
 		ntfs_free(name);
 		return EEXIST;
@@ -378,13 +384,19 @@
 		name=ntfs_malloc(2*namelen);
 		ntfs_memcpy(name,attrdata+NTFS_GETU16(attrdata+10),2*namelen);
 	}
-	new_attr(ino,type,name,namelen,&i,&found);
+	new_attr(ino,type,name,namelen,&i,&found,1);
 	/* We can have in one inode two attributes with type 0x00000030 (File Name) 
 	   and without name */
 	if(found && /*FIXME*/type!=ino->vol->at_file_name)
 	{
 		ntfs_process_runs(ino,ino->attrs+i,attrdata);
 		return 0;
+	} else if( found ) {
+		/* Don't understand the above, but I know it leaks memory below 'cos
+			we overwrite a found entry without freeing it. So here we
+			call new_attr again but this time ask us to always allocate a new
+			entry */
+		new_attr(ino,type,name,namelen,&i,&found,0);
 	}
 	attr=ino->attrs+i;
 	attr->resident=NTFS_GETU8(attrdata+8)==0;


--qDbXVdCdHGoSgWSk--


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/