Gaosheng Cui cdf01c807e capabilities: fix potential memleak on error path from vfs_getxattr_alloc() ... commit 8cf0a1bc12 upstream. In cap_inode_getsecurity(), we will use vfs_getxattr_alloc() to complete the memory allocation of tmpbuf, if we have completed the memory allocation of tmpbuf, but failed to call handler->get(...), there will be a memleak in below logic: |-- ret = (int)vfs_getxattr_alloc(mnt_userns, ...) | /* ^^^ alloc for tmpbuf */ |-- value = krealloc(*xattr_value, error + 1, flags) | /* ^^^ alloc memory */ |-- error = handler->get(handler, ...) | /* error! */ |-- *xattr_value = value | /* xattr_value is &tmpbuf (memory leak!) */ So we will try to free(tmpbuf) after vfs_getxattr_alloc() fails to fix it. Cc: stable@vger.kernel.org Fixes: 8db6c34f1d ("Introduce v3 namespaced file capabilities") Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com> Acked-by: Serge Hallyn <serge@hallyn.com> [PM: subject line and backtrace tweaks] Signed-off-by: Paul Moore <paul@paul-moore.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2022-11-10 18:14:26 +01:00
..
apparmor	apparmor: Fix memleak in aa_simple_write_to_buffer()	2022-08-25 11:37:53 +02:00
bpf
integrity	efi: Correct Macmini DMI match in uefi cert quirk	2022-10-15 07:55:54 +02:00
keys
loadpin
lockdown
safesetid
selinux	selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()	2022-10-30 09:41:15 +01:00
smack
tomoyo
yama
commoncap.c	capabilities: fix potential memleak on error path from vfs_getxattr_alloc()	2022-11-10 18:14:26 +01:00
device_cgroup.c
inode.c
Kconfig	x86/retbleed: Add fine grained Kconfig knobs	2022-07-25 11:26:50 +02:00
Kconfig.hardening	hardening: Remove Clang's enable flag for -ftrivial-auto-var-init=zero	2022-10-26 13:25:12 +02:00
lsm_audit.c
Makefile
min_addr.c
security.c