[PATCH] knfsd: nfsd4: fix memory leak on kmalloc failure in savemem

The wrong pointer is being kfree'd in savemem() when defer_free returns with an error. Signed-off-by: N Benny Halevy <bhalevy@panasas.com> Signed-off-by: N J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: N Neil Brown <neilb@suse.de> Signed-off-by: N Andrew Morton <akpm@linux-foundation.org> Signed-off-by: N Linus Torvalds <torvalds@linux-foundation.org>

[PATCH] knfsd: nfsd4: fix memory leak on kmalloc failure in savemem
The wrong pointer is being kfree'd in savemem() when defer_free returns with an error. Signed-off-by: N Benny Halevy <bhalevy@panasas.com> Signed-off-by: N J. Bruce Fields <bfields@citi.umich.edu> Signed-off-by: N Neil Brown <neilb@suse.de> Signed-off-by: N Andrew Morton <akpm@linux-foundation.org> Signed-off-by: N Linus Torvalds <torvalds@linux-foundation.org>
a4db5fe5 · J. Bruce Fields · Linus Torvalds · 28e05dd8 · a4db5fe5
隐藏空白更改
内联并排

Showing with 4 addition and 6 deletion

fs/nfsd/nfs4xdr.c fs/nfsd/nfs4xdr.c +4 -6

未找到文件。
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
@@ -199,24 +199,22 @@ defer_free(struct nfsd4_compoundargs *argp,
 static char *savemem(struct nfsd4_compoundargs *argp, __be32 *p, int nbytes)
 {
-	void *new = NULL;
 	if (p == argp->tmp) {
-		new = kmalloc(nbytes, GFP_KERNEL);
+		p = kmalloc(nbytes, GFP_KERNEL);
-		if (!new) return NULL;
+		if (!p)
-		p = new;
+			return NULL;
 		memcpy(p, argp->tmp, nbytes);
 	} else {
 		BUG_ON(p != argp->tmpp);
 		argp->tmpp = NULL;
 	}
 	if (defer_free(argp, kfree, p)) {
-		kfree(new);
+		kfree(p);
 		return NULL;
 	} else
 		return (char *)p;
 }
 static __be32
 nfsd4_decode_bitmap(struct nfsd4_compoundargs *argp, u32 *bmval)
 {