Skip to content

Commit 3a36d20

Browse files
martenlirichardweinberger
martenli
authored and
richardweinberger
committed
ubifs: Fix memory leak in do_rename
If renaming a file in an encrypted directory, function fscrypt_setup_filename allocates memory for a file name. This name is never used, and before returning to the caller the memory for it is not freed. When running kmemleak on it we see that it is registered as a leak. The report below is triggered by a simple program 'rename' that renames a file in an encrypted directory: unreferenced object 0xffff888101502840 (size 32): comm "rename", pid 9404, jiffies 4302582475 (age 435.735s) backtrace: __kmem_cache_alloc_node __kmalloc fscrypt_setup_filename do_rename ubifs_rename vfs_rename do_renameat2 To fix this we can remove the call to fscrypt_setup_filename as it's not needed. Fixes: 278d9a2 ("ubifs: Rename whiteout atomically") Reported-by: Zhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: Mårten Lindahl <marten.lindahl@axis.com> Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com> Cc: stable@vger.kernel.org Signed-off-by: Richard Weinberger <richard@nod.at>
1 parent 1fb815b commit 3a36d20

1 file changed

Lines changed: 0 additions & 6 deletions

File tree

fs/ubifs/dir.c

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -358,7 +358,6 @@ static struct inode *create_whiteout(struct inode *dir, struct dentry *dentry)
358358
umode_t mode = S_IFCHR | WHITEOUT_MODE;
359359
struct inode *inode;
360360
struct ubifs_info *c = dir->i_sb->s_fs_info;
361-
struct fscrypt_name nm;
362361

363362
/*
364363
* Create an inode('nlink = 1') for whiteout without updating journal,
@@ -369,10 +368,6 @@ static struct inode *create_whiteout(struct inode *dir, struct dentry *dentry)
369368
dbg_gen("dent '%pd', mode %#hx in dir ino %lu",
370369
dentry, mode, dir->i_ino);
371370

372-
err = fscrypt_setup_filename(dir, &dentry->d_name, 0, &nm);
373-
if (err)
374-
return ERR_PTR(err);
375-
376371
inode = ubifs_new_inode(c, dir, mode, false);
377372
if (IS_ERR(inode)) {
378373
err = PTR_ERR(inode);
@@ -395,7 +390,6 @@ static struct inode *create_whiteout(struct inode *dir, struct dentry *dentry)
395390
make_bad_inode(inode);
396391
iput(inode);
397392
out_free:
398-
fscrypt_free_filename(&nm);
399393
ubifs_err(c, "cannot create whiteout file, error %d", err);
400394
return ERR_PTR(err);
401395
}

0 commit comments

Comments
 (0)