[PATCH 2/2] rxrpc: Fix key reference count leak in rxrpc_alloc_client_call()
David Howells
dhowells at redhat.com
Wed Mar 18 14:46:00 PDT 2026
Anderson Nascimento <anderson at allelesecurity.com> wrote:
> @@ -227,6 +227,7 @@ static struct rxrpc_call *rxrpc_alloc_client_call(struct rxrpc_sock *rx,
>
> ret = rxrpc_init_client_call_security(call);
> if (ret < 0) {
> + key_put(call->key);
> rxrpc_prefail_call(call, RXRPC_CALL_LOCAL_ERROR, ret);
> rxrpc_put_call(call, rxrpc_call_put_discard_error);
> return ERR_PTR(ret);
It's probably better to do this in rxrpc_destroy_call() if we can as a last
fallback. In fact it's probably always leaking the call->key, not just under
this circumstance.
David
More information about the linux-afs
mailing list