[PATCH 3.13 122/160] aio: fix potential leak in aio_run_iocb().
Kamal Mostafa
kamal at canonical.com
Tue Jun 10 19:46:02 UTC 2014
3.13.11.3 -stable review patch. If anyone has any objections, please let me know.
------------------
From: Leon Yu <chianglungyu at gmail.com>
commit 754320d6e166d3a12cb4810a452bde00afbd4e9a upstream.
iovec should be reclaimed whenever caller of rw_copy_check_uvector() returns,
but it doesn't hold when failure happens right after aio_setup_vectored_rw().
Fix that in a such way to avoid hairy goto.
Signed-off-by: Leon Yu <chianglungyu at gmail.com>
Signed-off-by: Benjamin LaHaise <bcrl at kvack.org>
Signed-off-by: Kamal Mostafa <kamal at canonical.com>
---
fs/aio.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/fs/aio.c b/fs/aio.c
index 12a3de0e..04cd768 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1299,10 +1299,8 @@ rw_common:
&iovec, compat)
: aio_setup_single_vector(req, rw, buf, &nr_segs,
iovec);
- if (ret)
- return ret;
-
- ret = rw_verify_area(rw, file, &req->ki_pos, req->ki_nbytes);
+ if (!ret)
+ ret = rw_verify_area(rw, file, &req->ki_pos, req->ki_nbytes);
if (ret < 0) {
if (iovec != &inline_vec)
kfree(iovec);
--
1.9.1
More information about the kernel-team
mailing list