2021-11-11 07:45:49

by Christophe JAILLET

[permalink] [raw]
Subject: [PATCH] fs/ntfs3: Fix some memory leaks in an error handling path of 'log_replay()'

All error handling paths lead to 'out' where many resources are freed.

Do it as well here instead of a direct return, otherwise 'log', 'ra' and
'log->one_page_buf' (at least) will leak.

Fixes: b46acd6a6a62 ("fs/ntfs3: Add NTFS journal")
Signed-off-by: Christophe JAILLET <[email protected]>
---
fs/ntfs3/fslog.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/fs/ntfs3/fslog.c b/fs/ntfs3/fslog.c
index 06492f088d60..915f42cf07bc 100644
--- a/fs/ntfs3/fslog.c
+++ b/fs/ntfs3/fslog.c
@@ -4085,8 +4085,10 @@ int log_replay(struct ntfs_inode *ni, bool *initialized)
if (client == LFS_NO_CLIENT_LE) {
/* Insert "NTFS" client LogFile. */
client = ra->client_idx[0];
- if (client == LFS_NO_CLIENT_LE)
- return -EINVAL;
+ if (client == LFS_NO_CLIENT_LE) {
+ err = -EINVAL;
+ goto out;
+ }

t16 = le16_to_cpu(client);
cr = ca + t16;
--
2.30.2



2021-11-23 15:47:33

by Konstantin Komarov

[permalink] [raw]
Subject: Re: [PATCH] fs/ntfs3: Fix some memory leaks in an error handling path of 'log_replay()'



On 11.11.2021 10:45, Christophe JAILLET wrote:
> All error handling paths lead to 'out' where many resources are freed.
>
> Do it as well here instead of a direct return, otherwise 'log', 'ra' and
> 'log->one_page_buf' (at least) will leak.
>
> Fixes: b46acd6a6a62 ("fs/ntfs3: Add NTFS journal")
> Signed-off-by: Christophe JAILLET <[email protected]>
> ---
> fs/ntfs3/fslog.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ntfs3/fslog.c b/fs/ntfs3/fslog.c
> index 06492f088d60..915f42cf07bc 100644
> --- a/fs/ntfs3/fslog.c
> +++ b/fs/ntfs3/fslog.c
> @@ -4085,8 +4085,10 @@ int log_replay(struct ntfs_inode *ni, bool *initialized)
> if (client == LFS_NO_CLIENT_LE) {
> /* Insert "NTFS" client LogFile. */
> client = ra->client_idx[0];
> - if (client == LFS_NO_CLIENT_LE)
> - return -EINVAL;
> + if (client == LFS_NO_CLIENT_LE) {
> + err = -EINVAL;
> + goto out;
> + }
>
> t16 = le16_to_cpu(client);
> cr = ca + t16;
>


Thanks for patch, applied!