Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL

The nameidata "last.name" is always allocated with "__getname()", and should always be free'd with "__putname()". Using "putname()" without the underscores will leak memory, because the allocation will have been hidden from the AUDITSYSCALL code. Arguably the real bug is that the AUDITSYSCALL code is really broken, but in the meantime this fixes the problem people see. Reported by Robert Derr, patch by Rick Lindsley. Acked-by: N Al Viro <viro@ftp.linux.org.uk> Signed-off-by: N Linus Torvalds <torvalds@osdl.org>

Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
The nameidata "last.name" is always allocated with "__getname()", and should always be free'd with "__putname()". Using "putname()" without the underscores will leak memory, because the allocation will have been hidden from the AUDITSYSCALL code. Arguably the real bug is that the AUDITSYSCALL code is really broken, but in the meantime this fixes the problem people see. Reported by Robert Derr, patch by Rick Lindsley. Acked-by: N Al Viro <viro@ftp.linux.org.uk> Signed-off-by: N Linus Torvalds <torvalds@osdl.org>
82984114 · Linus Torvalds · edb4a353 · 82984114
隐藏空白更改
内联并排

Showing with 3 addition and 3 deletion

fs/namei.c fs/namei.c +3 -3

未找到文件。
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1551,19 +1551,19 @@ int open_namei(const char * pathname, int flag, int mode, struct nameidata *nd)
 	if (nd->last_type != LAST_NORM)
 		goto exit;
 	if (nd->last.name[nd->last.len]) {
-		putname(nd->last.name);
+		__putname(nd->last.name);
 		goto exit;
 	}
 	error = -ELOOP;
 	if (count++==32) {
-		putname(nd->last.name);
+		__putname(nd->last.name);
 		goto exit;
 	}
 	dir = nd->dentry;
 	down(&dir->d_inode->i_sem);
 	path.dentry = __lookup_hash(&nd->last, nd->dentry, nd);
 	path.mnt = nd->mnt;
-	putname(nd->last.name);
+	__putname(nd->last.name);
 	goto do_last;
 }