[PATCH] UBIFS: Fix possible memory leak in ubifs_readdir()

David Gstir david at sigma-star.at
Mon Oct 12 23:50:42 PDT 2015


> On 12.10.2015, at 23:35, Richard Weinberger <richard at nod.at> wrote:
> 
> If ubifs_tnc_next_ent() returns something else than -ENOENT
> we leak file->private_data.
> 
> Signed-off-by: Richard Weinberger <richard at nod.at>
> ---
> fs/ubifs/dir.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/ubifs/dir.c b/fs/ubifs/dir.c
> index 5c27c66..cb88ea3 100644
> --- a/fs/ubifs/dir.c
> +++ b/fs/ubifs/dir.c
> @@ -449,13 +449,14 @@ static int ubifs_readdir(struct file *file, struct dir_context *ctx)
> 	}
> 
> out:
> +	kfree(file->private_data);
> +	file->private_data = NULL;
> +
> 	if (err != -ENOENT) {
> 		ubifs_err(c, "cannot find next direntry, error %d", err);
> 		return err;
> 	}
> 
> -	kfree(file->private_data);
> -	file->private_data = NULL;
> 	/* 2 is a special value indicating that there are no more direntries */
> 	ctx->pos = 2;
> 	return 0;
> -- 
> 2.5.0

Looks good to me.

Reviewed-by: David Gstir <david at sigma-star.at> 

Thanks,
David


More information about the linux-mtd mailing list