diff options
author | Douglas Anderson <dianders@chromium.org> | 2017-05-30 15:50:38 -0700 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2017-05-31 10:10:09 -0700 |
commit | f6525b96dd9f68efe374e5aef864975e628de991 (patch) | |
tree | 24c125fe9c2db7712df9427715c2ec537cc22449 /fs/pstore/platform.c | |
parent | 4a16d1cb245c56e72fd40a28f3cdb394cde4b341 (diff) | |
download | op-kernel-dev-f6525b96dd9f68efe374e5aef864975e628de991.zip op-kernel-dev-f6525b96dd9f68efe374e5aef864975e628de991.tar.gz |
pstore: Fix leaked pstore_record in pstore_get_backend_records()
When the "if (record->size <= 0)" test is true in
pstore_get_backend_records() it's pretty clear that nobody holds a
reference to the allocated pstore_record, yet we don't free it.
Let's free it.
Fixes: 2a2b0acf768c ("pstore: Allocate records on heap instead of stack")
Signed-off-by: Douglas Anderson <dianders@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: stable@vger.kernel.org
Diffstat (limited to 'fs/pstore/platform.c')
-rw-r--r-- | fs/pstore/platform.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index b304553..4c5cd93 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -849,8 +849,10 @@ void pstore_get_backend_records(struct pstore_info *psi, record->size = psi->read(record); /* No more records left in backend? */ - if (record->size <= 0) + if (record->size <= 0) { + kfree(record); break; + } decompress_record(record); rc = pstore_mkfile(root, record); |