summaryrefslogtreecommitdiff
path: root/mm
diff options
context:
space:
mode:
authorMichel Lespinasse <walken@google.com>2011-12-19 17:12:06 -0800
committerGreg Kroah-Hartman <gregkh@suse.de>2012-01-06 14:13:50 -0800
commit5b8befdb785856462ee5eafc8a52ceb78e720f77 (patch)
treed3767c51bdd491cf6cec2d0fb786e8005aaa75c6 /mm
parentd051424f29eac6b4c173365a3ba5b9bb76870ce6 (diff)
downloadlwn-5b8befdb785856462ee5eafc8a52ceb78e720f77.tar.gz
lwn-5b8befdb785856462ee5eafc8a52ceb78e720f77.zip
binary_sysctl(): fix memory leak
commit 3d3c8f93a237b64580c5c5e138edeb1377e98230 upstream. binary_sysctl() calls sysctl_getname() which allocates from names_cache slab usin __getname() The matching function to free the name is __putname(), and not putname() which should be used only to match getname() allocations. This is because when auditing is enabled, putname() calls audit_putname *instead* (not in addition) to __putname(). Then, if a syscall is in progress, audit_putname does not release the name - instead, it expects the name to get released when the syscall completes, but that will happen only if audit_getname() was called previously, i.e. if the name was allocated with getname() rather than the naked __getname(). So, __getname() followed by putname() ends up leaking memory. Signed-off-by: Michel Lespinasse <walken@google.com> Acked-by: Al Viro <viro@zeniv.linux.org.uk> Cc: Christoph Hellwig <hch@infradead.org> Cc: Eric Paris <eparis@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'mm')
0 files changed, 0 insertions, 0 deletions