linux-stable/fs
Dave Jones 546a50594e ext4: fix memory leak in xattr
commit 6e4ea8e33b upstream.

If we take the 2nd retry path in ext4_expand_extra_isize_ea, we
potentially return from the function without having freed these
allocations.  If we don't do the return, we over-write the previous
allocation pointers, so we leak either way.

Spotted with Coverity.

[ Fixed by tytso to set is and bs to NULL after freeing these
  pointers, in case in the retry loop we later end up triggering an
  error causing a jump to cleanup, at which point we could have a double
  free bug. -- Ted ]

Signed-off-by: Dave Jones <davej@fedoraproject.org>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Reviewed-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-10-22 08:41:44 +01:00
9p fs/9p: Use protocol-defined value for lock/getlock 'type' field. 2011-10-03 11:40:22 -07:00
adfs Fix common misspellings 2011-03-31 11:26:23 -03:00
affs affs: remove unnecessary dentry_unhash on rmdir, dir rename 2011-05-28 01:02:53 -04:00
afs afs: Remote abort can cause BUG in rxrpc code 2012-03-23 11:20:51 -07:00
autofs4 autofs - remove autofs dentry mount check 2013-05-11 13:38:00 -07:00
befs befs: Validate length of long symbolic links. 2011-08-29 13:29:06 -07:00
bfs bfs: remove unnecessary dentry_unhash on dir rename 2011-05-28 01:02:50 -04:00
btrfs Btrfs: change how we queue blocks for backref checking 2013-10-13 14:51:08 -07:00
cachefiles Fix common misspellings 2011-03-31 11:26:23 -03:00
ceph ceph: fix statvfs fr_size 2013-06-20 11:28:21 -07:00
cifs cifs: ensure that srv_mutex is held when dealing with ssocket pointer 2013-09-26 16:52:46 -07:00
coda coda_ioctl_permission() is safe in RCU mode 2011-06-20 10:44:19 -04:00
configfs configfs: remove unnecessary dentry_unhash on rmdir, dir rename 2011-05-28 01:02:54 -04:00
cramfs cramfs: get_cramfs_inode() returns ERR_PTR() on failure 2011-07-17 23:22:02 -04:00
debugfs debugfs: debugfs_remove_recursive() must not rely on list_empty(d_subdirs) 2013-08-14 22:55:17 -07:00
devpts fs/devpts/inode.c: correctly check d_alloc_name() return code in devpts_pty_new() 2011-03-22 17:44:17 -07:00
dlm Merge branch 'trivial' of git://git.kernel.org/pub/scm/linux/kernel/git/mmarek/kbuild-2.6 2011-05-26 13:19:00 -07:00
ecryptfs eCryptfs: check for eCryptfs cipher support at mount 2012-11-26 11:34:55 -08:00
efs block: remove per-queue plugging 2011-03-10 08:52:07 +01:00
exofs fix exofs ->get_parent() 2011-07-17 23:20:29 -04:00
exportfs vfs: Add open by file handle support 2011-03-15 02:21:44 -04:00
ext2 ext2: remove unnecessary dentry_unhash on rmdir/rename_dir 2011-05-26 07:26:56 -04:00
ext3 ext3,ext4: don't mess with dir_file->f_pos in htree_dirblock_to_tree() 2013-07-21 18:14:40 -07:00
ext4 ext4: fix memory leak in xattr 2013-10-22 08:41:44 +01:00
fat fat: fix possible overflow for fat_clusters 2013-06-07 12:46:35 -07:00
freevxfs treewide: fix a few typos in comments 2011-05-10 10:16:21 +02:00
fscache fs/fscache/stats.c: fix memory leak 2013-05-07 19:57:25 -07:00
fuse fuse: invalidate inode attributes on xattr modification 2013-09-26 16:52:53 -07:00
gfs2 GFS2: Test bufdata with buffer locked and gfs2_log_lock held 2013-01-17 08:44:12 -08:00
hfs hfs: fix hfs_find_init() sb->ext_tree NULL ptr oops 2011-12-21 12:57:41 -08:00
hfsplus hfsplus: fix potential overflow in hfsplus_file_truncate() 2013-04-25 21:23:47 -07:00
hostfs hostfs: remove unnecessary dentry_unhash on rmdir, dir rename 2011-05-28 01:02:52 -04:00
hpfs hpfs: better test for errors 2013-07-13 10:34:43 -07:00
hppfs hppfs: missing include 2011-11-11 09:35:59 -08:00
hugetlbfs mm: compaction: introduce sync-light migration for use by compaction 2012-08-01 12:27:18 -07:00
isofs isofs: Refuse RW mount of the filesystem instead of making it RO 2013-09-26 16:52:48 -07:00
jbd jbd: Fix lock ordering bug in journal_unmap_buffer() 2012-12-03 12:59:14 -08:00
jbd2 jbd2: fix theoretical race in jbd2__journal_restart 2013-07-21 18:14:40 -07:00
jffs2 jffs2: hold erase_completion_lock on exit 2013-01-17 08:43:55 -08:00
jfs jfs: fix readdir cookie incompatibility with NFSv4 2013-09-07 21:49:32 -07:00
lockd lockd: protect nlm_blocked access in nlmsvc_retry_blocked 2013-07-28 16:18:48 -07:00
logfs logfs doesn't need ->permission() at all 2011-06-20 10:44:26 -04:00
minix minix: remove unnecessary dentry_unhash on rmdir, dir rename 2011-05-28 01:02:54 -04:00
ncpfs ncpfs: fix rename over directory with dangling references 2011-05-28 01:02:53 -04:00
nfs NFSv4: Handle NFS4ERR_DELAY and NFS4ERR_GRACE in nfs4_open_delegation_recall 2013-05-07 19:57:26 -07:00
nfs_common Fix common misspellings 2011-03-31 11:26:23 -03:00
nfsd nfsd4: fix decoding of compounds across page boundaries 2013-07-13 10:34:44 -07:00
nilfs2 nilfs2: fix issue with counting number of bio requests for BIO_EOPNOTSUPP error detection 2013-08-29 09:42:12 -07:00
nls NLS: improve UTF8 -> UTF16 string conversion routine 2013-02-28 06:32:26 -08:00
notify fanotify: dont merge permission events 2013-10-01 08:55:48 -07:00
ntfs Fix common misspellings 2011-03-31 11:26:23 -03:00
ocfs2 ocfs2: fix the end cluster offset of FIEMAP 2013-09-26 16:52:48 -07:00
omfs Remove unneeded version.h includes from fs/ 2011-06-24 08:34:22 -07:00
openpromfs
partitions block: Fix NULL pointer dereference in sd_revalidate_disk 2012-03-19 08:57:58 -07:00
proc proc-ns: use d_set_d_op() API to set dentry ops in proc_ns_instantiate(). 2012-04-02 09:27:18 -07:00
pstore pstore: fix pstore filesystem mount/remount issue 2011-05-16 11:05:00 -07:00
qnx4 block: remove per-queue plugging 2011-03-10 08:52:07 +01:00
quota VFS: Fix the remaining automounter semantics regressions 2011-11-11 09:36:22 -08:00
ramfs fs: ramfs: file-nommu: add SetPageUptodate() 2012-07-16 08:47:52 -07:00
reiserfs reiserfs: Fix warning and inode leak when deleting inode with xattrs 2013-04-12 09:18:08 -07:00
romfs romfs: fix romfs_get_unmapped_area() argument check 2011-06-27 18:00:12 -07:00
squashfs Squashfs: fix mount time sanity check for corrupted superblock 2012-10-02 09:47:54 -07:00
sysfs Revert "sysfs: fix race between readdir and lseek" 2013-04-25 21:23:48 -07:00
sysv sysv: remove unnecessary dentry_unhash from rmdir, dir rename 2011-05-28 01:02:50 -04:00
ubifs UBIFS: fix a horrid bug 2013-07-03 11:03:24 -07:00
udf udf: avoid info leak on export 2013-03-28 12:06:04 -07:00
ufs ufs should use d_splice_alias() 2011-07-17 23:21:35 -04:00
xfs xfs: fix reading of wrapped log data 2012-11-17 13:14:25 -08:00
aio.c vfs: make AIO use the proper rw_verify_area() area helpers 2012-06-01 15:12:53 +08:00
anon_inodes.c
attr.c Cache xattr security drop check for write v2 2011-05-28 12:02:09 -04:00
bad_inode.c bad_inode_permission() is safe from RCU mode 2011-06-20 10:44:00 -04:00
binfmt_aout.c
binfmt_elf_fdpic.c FDPIC: Fix memory leak 2011-07-06 12:15:16 -07:00
binfmt_elf.c coredump: prevent double-free on an error path in core dumper 2012-10-07 08:27:25 -07:00
binfmt_em86.c exec: use -ELOOP for max recursion depth 2013-03-28 12:06:14 -07:00
binfmt_flat.c CRED: Fix load_flat_shared_library() to initialise bprm correctly 2011-05-03 10:10:51 +10:00
binfmt_misc.c exec: use -ELOOP for max recursion depth 2013-03-28 12:06:14 -07:00
binfmt_script.c exec: use -ELOOP for max recursion depth 2013-03-28 12:06:14 -07:00
binfmt_som.c
bio-integrity.c block: Require subsystems to explicitly allocate bio_set integrity mempool 2011-03-17 11:11:05 +01:00
bio.c SCSI: sg: Fix user memory corruption when SG_IO is interrupted by a signal 2013-09-07 21:49:32 -07:00
block_dev.c writeback: Fix periodic writeback after fs mount 2013-07-28 16:18:44 -07:00
buffer.c block: replace __getblk_slow misfix by grow_dev_page fix 2012-09-14 10:00:39 -07:00
char_dev.c
compat_binfmt_elf.c
compat_ioctl.c fs/compat_ioctl.c: VIDEO_SET_SPU_PALETTE missing error check 2012-10-31 09:51:34 -07:00
compat.c Fix: compat_rw_copy_check_uvector() misuse in aio, readv, writev, and security keys 2013-03-28 12:06:04 -07:00
dcache.c vfs: d_obtain_alias() needs to use "/" as default name. 2013-08-14 22:55:17 -07:00
dcookies.c oprofile, dcookies: Fix possible circular locking dependency 2011-05-31 16:33:35 +02:00
direct-io.c Merge branch 'for-2.6.39/core' of git://git.kernel.dk/linux-2.6-block 2011-03-24 10:16:26 -07:00
drop_caches.c vmscan: change shrinker API by passing shrink_control struct 2011-05-25 08:39:26 -07:00
eventfd.c Docbook: add fs/eventfd.c and fix typos in it 2011-02-21 15:07:04 -08:00
eventpoll.c epoll: prevent missed events on EPOLL_CTL_MOD 2013-01-17 08:43:59 -08:00
exec.c perf: Disable monitoring on setuid processes for regular users 2013-07-03 11:03:23 -07:00
fcntl.c userns: rename is_owner_or_cap to inode_owner_or_capable 2011-03-23 19:47:13 -07:00
fhandle.c fs/fhandle.c: add <linux/personality.h> for ia64 2011-04-14 16:06:56 -07:00
fifo.c fifo: Do not restart open() if it already found a partner 2012-07-19 08:58:21 -07:00
file_table.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 2011-03-16 13:26:17 -07:00
file.c vfs: avoid large kmalloc()s for the fdtable 2011-04-28 11:28:20 -07:00
filesystems.c fs: synchronize_rcu when unregister_filesystem success not failure 2011-04-17 10:42:01 -07:00
fs_struct.c
fs-writeback.c writeback: update dirtied_when for synced inode to prevent livelock 2011-10-03 11:40:44 -07:00
generic_acl.c userns: rename is_owner_or_cap to inode_owner_or_capable 2011-03-23 19:47:13 -07:00
inode.c mm: fix assertion mapping->nrpages == 0 in end_writeback() 2011-06-27 18:00:13 -07:00
internal.h fs: move i_wb_list out from under inode_lock 2011-03-24 21:17:51 -04:00
ioctl.c vfs: cleanup do_vfs_ioctl() 2011-03-21 00:16:08 -04:00
ioprio.c
Kconfig Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 2011-05-26 09:52:14 -07:00
Kconfig.binfmt
libfs.c fs/libfs.c: fix simple_attr_write() on 32bit machines 2011-07-19 22:09:30 -07:00
locks.c locks: fix checking of fcntl_setlease argument 2012-08-09 08:27:35 -07:00
Makefile Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6 2011-03-16 19:01:29 -07:00
mbcache.c vmscan: change shrinker API by passing shrink_control struct 2011-05-25 08:39:26 -07:00
mpage.c mm/fs: add hooks to support cleancache 2011-05-26 10:01:43 -06:00
namei.c vfs: fix double put after complete_walk() 2012-03-19 08:57:44 -07:00
namespace.c vfs: umount_tree() might be called on subtree that had never made it 2012-06-10 00:33:01 +09:00
nfsctl.c open-style analog of vfs_path_lookup() 2011-03-14 09:15:28 -04:00
no-block.c
open.c vfs: canonicalize create mode in build_open_flags() 2012-09-14 10:00:37 -07:00
pipe.c vfs: fix pipe counter breakage 2013-03-14 11:32:06 -07:00
pnode.c
pnode.h
posix_acl.c
read_write.c
read_write.h
readdir.c
select.c select: remove unused MAX_SELECT_SECONDS 2011-03-21 00:16:08 -04:00
seq_file.c fix apparmor dereferencing potentially freed dentry, sanitize __d_path() API 2011-12-21 12:57:36 -08:00
signalfd.c epoll: ep_unregister_pollwait() can use the freed pwq->whead 2012-02-29 16:34:35 -08:00
splice.c splice: fix racy pipe->buffers uses 2013-10-05 07:00:40 -07:00
stack.c
stat.c vfs: make O_PATH file descriptors usable for 'fstat()' 2012-10-02 09:47:23 -07:00
statfs.c vfs: allow O_PATH file descriptors for fstatfs() 2013-10-22 08:41:44 +01:00
super.c livelock avoidance in sget() 2013-08-04 15:43:40 +08:00
sync.c Merge branch 'for-2.6.39/core' of git://git.kernel.dk/linux-2.6-block 2011-03-24 10:16:26 -07:00
timerfd.c timerfd: Fix wakeup of processes when timer is cancelled on clock change 2011-06-14 11:46:14 +02:00
utimes.c userns: rename is_owner_or_cap to inode_owner_or_capable 2011-03-23 19:47:13 -07:00
xattr_acl.c
xattr.c Cache xattr security drop check for write v2 2011-05-28 12:02:09 -04:00