| Message ID | 20220815151606.3479183-1-r33s3n6@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | fs: btrfs: fix possible memory leaks in btrfs_get_dev_args_from_path() | expand |
On Mon, Aug 15, 2022 at 11:16:06PM +0800, Zixuan Fu wrote: > In btrfs_get_dev_args_from_path(), btrfs_get_bdev_and_sb() can fail if the > path is invalid. In this case, btrfs_get_dev_args_from_path() returns > directly without freeing args->uuid and args->fsid allocated before, which > causes memory leaks. > > To fix these possible leaks, when btrfs_get_bdev_and_sb() fails, > btrfs_put_dev_args_from_path() is called to clean up the memory. > > Fixes: faa775c41d655 ("btrfs: add a btrfs_get_dev_args_from_path helper") > Reported-by: TOTE Robot <oslab@tsinghua.edu.cn> > Signed-off-by: Zixuan Fu <r33s3n6@gmail.com> Reviewed-by: Boris Burkov <boris@bur.io> > --- > fs/btrfs/volumes.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c > index 272901514b0c..064ab2a79c80 100644 > --- a/fs/btrfs/volumes.c > +++ b/fs/btrfs/volumes.c > @@ -2345,8 +2345,11 @@ int btrfs_get_dev_args_from_path(struct btrfs_fs_info *fs_info, > > ret = btrfs_get_bdev_and_sb(path, FMODE_READ, fs_info->bdev_holder, 0, > &bdev, &disk_super); > - if (ret) > + if (ret) { > + btrfs_put_dev_args_from_path(args); > return ret; > + } > + > args->devid = btrfs_stack_device_id(&disk_super->dev_item); > memcpy(args->uuid, disk_super->dev_item.uuid, BTRFS_UUID_SIZE); > if (btrfs_fs_incompat(fs_info, METADATA_UUID)) > -- > 2.25.1 >
On Mon, Aug 15, 2022 at 11:16:06PM +0800, Zixuan Fu wrote: > In btrfs_get_dev_args_from_path(), btrfs_get_bdev_and_sb() can fail if the > path is invalid. In this case, btrfs_get_dev_args_from_path() returns > directly without freeing args->uuid and args->fsid allocated before, which > causes memory leaks. > > To fix these possible leaks, when btrfs_get_bdev_and_sb() fails, > btrfs_put_dev_args_from_path() is called to clean up the memory. > > Fixes: faa775c41d655 ("btrfs: add a btrfs_get_dev_args_from_path helper") > Reported-by: TOTE Robot <oslab@tsinghua.edu.cn> > Signed-off-by: Zixuan Fu <r33s3n6@gmail.com> Added to misc-next, thanks.
diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c index 272901514b0c..064ab2a79c80 100644 --- a/fs/btrfs/volumes.c +++ b/fs/btrfs/volumes.c @@ -2345,8 +2345,11 @@ int btrfs_get_dev_args_from_path(struct btrfs_fs_info *fs_info, ret = btrfs_get_bdev_and_sb(path, FMODE_READ, fs_info->bdev_holder, 0, &bdev, &disk_super); - if (ret) + if (ret) { + btrfs_put_dev_args_from_path(args); return ret; + } + args->devid = btrfs_stack_device_id(&disk_super->dev_item); memcpy(args->uuid, disk_super->dev_item.uuid, BTRFS_UUID_SIZE); if (btrfs_fs_incompat(fs_info, METADATA_UUID))
In btrfs_get_dev_args_from_path(), btrfs_get_bdev_and_sb() can fail if the path is invalid. In this case, btrfs_get_dev_args_from_path() returns directly without freeing args->uuid and args->fsid allocated before, which causes memory leaks. To fix these possible leaks, when btrfs_get_bdev_and_sb() fails, btrfs_put_dev_args_from_path() is called to clean up the memory. Fixes: faa775c41d655 ("btrfs: add a btrfs_get_dev_args_from_path helper") Reported-by: TOTE Robot <oslab@tsinghua.edu.cn> Signed-off-by: Zixuan Fu <r33s3n6@gmail.com> --- fs/btrfs/volumes.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)