[Drbd-dev] [PATCH] drbd: fix memory leak in drbd_adm_resize

green at linuxhacker.ru green at linuxhacker.ru
Sun Apr 26 07:28:43 CEST 2015


From: Oleg Drokin <green at linuxhacker.ru>

new_disk_conf could be leaked if the follow on checks fail,
so make sure to free it on error if it was not assigned yet.

Found with smatch.

Signed-off-by: Oleg Drokin <green at linuxhacker.ru>
---
I thought about just moving the allocation around so that
there is is no failure path after allocation, but looking
at the history of changes in that file, people tend to insert
extra checks at random places and that's how we ended up
with the current bug, so better let it fail and handle the failure.


 drivers/block/drbd/drbd_nl.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/block/drbd/drbd_nl.c b/drivers/block/drbd/drbd_nl.c
index 74df8cf..87fa774 100644
--- a/drivers/block/drbd/drbd_nl.c
+++ b/drivers/block/drbd/drbd_nl.c
@@ -2585,6 +2585,7 @@ int drbd_adm_resize(struct sk_buff *skb, struct genl_info *info)
 		mutex_unlock(&device->resource->conf_update);
 		synchronize_rcu();
 		kfree(old_disk_conf);
+		new_disk_conf = NULL;
 	}
 
 	ddsf = (rs.resize_force ? DDSF_FORCED : 0) | (rs.no_resync ? DDSF_NO_RESYNC : 0);
@@ -2618,6 +2619,7 @@ int drbd_adm_resize(struct sk_buff *skb, struct genl_info *info)
 
  fail_ldev:
 	put_ldev(device);
+	kfree(new_disk_conf);
 	goto fail;
 }
 
-- 
2.1.0



More information about the drbd-dev mailing list