korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-11 04:18:39 +08:00
Code Issues Packages Projects Releases Wiki Activity
8cf0a1bc12
linux/security
History
Gaosheng Cui 8cf0a1bc12 capabilities: fix potential memleak on error path from vfs_getxattr_alloc() 
In cap_inode_getsecurity(), we will use vfs_getxattr_alloc() to
complete the memory allocation of tmpbuf, if we have completed
the memory allocation of tmpbuf, but failed to call handler->get(...),
there will be a memleak in below logic:

  |-- ret = (int)vfs_getxattr_alloc(mnt_userns, ...)
    |           /* ^^^ alloc for tmpbuf */
    |-- value = krealloc(*xattr_value, error + 1, flags)
    |           /* ^^^ alloc memory */
    |-- error = handler->get(handler, ...)
    |           /* error! */
    |-- *xattr_value = value
    |           /* xattr_value is &tmpbuf (memory leak!) */

So we will try to free(tmpbuf) after vfs_getxattr_alloc() fails to fix it.

Cc: stable@vger.kernel.org
Fixes: 8db6c34f1d ("Introduce v3 namespaced file capabilities")
Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com>
Acked-by: Serge Hallyn <serge@hallyn.com>
[PM: subject line and backtrace tweaks]
Signed-off-by: Paul Moore <paul@paul-moore.com>
2022-10-28 06:44:33 -04:00
..
apparmor ->getprocattr(): attribute name is const char *, TYVM... 2022-09-01 17:34:39 -04:00
bpf bpf: Implement task local storage 2020-11-06 08:08:37 -08:00
integrity fs.acl.rework.prep.v6.1 2022-10-03 19:48:54 -07:00
keys tpmdd updates for Linux v6.1-rc1 2022-10-10 13:09:33 -07:00
landlock landlock: Fix documentation style 2022-09-29 18:43:04 +02:00
loadpin LoadPin: Require file with verity root digests to have a header 2022-09-07 16:37:27 -07:00
lockdown lockdown: ratelimit denial messages 2022-09-14 07:37:50 -04:00
safesetid LSM: SafeSetID: Add setgroups() security policy handling 2022-07-15 18:24:42 +00:00
selinux whack-a-mole: constifying struct path * 2022-10-06 17:31:02 -07:00
smack whack-a-mole: constifying struct path * 2022-10-06 17:31:02 -07:00
tomoyo tomoyo: struct path it might get from LSM callers won't have NULL dentry or mnt 2022-08-21 11:50:42 -04:00
yama task_work: cleanup notification modes 2020-10-17 15:05:30 -06:00
commoncap.c capabilities: fix potential memleak on error path from vfs_getxattr_alloc() 2022-10-28 06:44:33 -04:00
device_cgroup.c bpf: Make BPF_PROG_RUN_ARRAY return -err instead of allow boolean 2022-01-19 12:51:30 -08:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
Kconfig x86/retbleed: Add fine grained Kconfig knobs 2022-06-29 17:43:41 +02:00
Kconfig.hardening - Yu Zhao's Multi-Gen LRU patches are here. They've been under test in 2022-10-10 17:53:04 -07:00
lsm_audit.c lsm: clean up redundant NULL pointer check 2022-08-15 22:44:01 -04:00
Makefile security: remove unneeded subdir-$(CONFIG_...) 2021-09-03 08:17:20 +09:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c powerpc updates for 6.1 2022-10-09 14:05:15 -07:00