fuse: fix memleak in cuse_channel_open

hulk inclusion category: bugfix bugzilla: 20220 CVE: NA --------------------------- If cuse_send_init fails, need to fuse_conn_put cc->fc. cuse_channel_open->fuse_conn_init->refcount_set(&fc->count, 1) ->fuse_dev_alloc->fuse_conn_get ->fuse_dev_free->fuse_conn_put Fixes: cc080e9e ("fuse: introduce per-instance fuse_dev structure") Reported-by: N Hulk Robot <hulkci@huawei.com> Signed-off-by: N zhengbin <zhengbin13@huawei.com> Reviewed-by: N luojiajun <luojiajun3@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>

fuse: fix memleak in cuse_channel_open
hulk inclusion category: bugfix bugzilla: 20220 CVE: NA --------------------------- If cuse_send_init fails, need to fuse_conn_put cc->fc. cuse_channel_open->fuse_conn_init->refcount_set(&fc->count, 1) ->fuse_dev_alloc->fuse_conn_get ->fuse_dev_free->fuse_conn_put Fixes: cc080e9e ("fuse: introduce per-instance fuse_dev structure") Reported-by: N Hulk Robot <hulkci@huawei.com> Signed-off-by: N zhengbin <zhengbin13@huawei.com> Reviewed-by: N luojiajun <luojiajun3@huawei.com> Signed-off-by: N Yang Yingliang <yangyingliang@huawei.com>
d6245406 · zhengbin · Xie XiuQi · ec8f896f · d6245406
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

fs/fuse/cuse.c fs/fuse/cuse.c +1 -0

未找到文件。
--- a/fs/fuse/cuse.c
+++ b/fs/fuse/cuse.c
@@ -518,6 +518,7 @@ static int cuse_channel_open(struct inode *inode, struct file *file)
 	rc = cuse_send_init(cc);
 	if (rc) {
 		fuse_dev_free(fud);
+		fuse_conn_put(&cc->fc);
 		return rc;
 	}
 	file->private_data = fud;