pstore: Fix leaked pstore_record in pstore_get_backend_records()

When the "if (record->size <= 0)" test is true in pstore_get_backend_records() it's pretty clear that nobody holds a reference to the allocated pstore_record, yet we don't free it. Let's free it. Fixes: 2a2b0acf ("pstore: Allocate records on heap instead of stack") Signed-off-by: N Douglas Anderson <dianders@chromium.org> Signed-off-by: N Kees Cook <keescook@chromium.org> Cc: stable@vger.kernel.org

pstore: Fix leaked pstore_record in pstore_get_backend_records()
When the "if (record->size <= 0)" test is true in pstore_get_backend_records() it's pretty clear that nobody holds a reference to the allocated pstore_record, yet we don't free it. Let's free it. Fixes: 2a2b0acf ("pstore: Allocate records on heap instead of stack") Signed-off-by: N Douglas Anderson <dianders@chromium.org> Signed-off-by: N Kees Cook <keescook@chromium.org> Cc: stable@vger.kernel.org
f6525b96 · Douglas Anderson · Kees Cook · 4a16d1cb · f6525b96
隐藏空白更改
内联并排

Showing with 3 addition and 1 deletion

fs/pstore/platform.c fs/pstore/platform.c +3 -1

未找到文件。
--- a/fs/pstore/platform.c
+++ b/fs/pstore/platform.c
@@ -849,8 +849,10 @@ void pstore_get_backend_records(struct pstore_info *psi,
 		record->size = psi->read(record);

 		/* No more records left in backend? */
-		if (record->size <= 0)
+		if (record->size <= 0) {
+			kfree(record);
 			break;
+		}

 		decompress_record(record);
 		rc = pstore_mkfile(root, record);