redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/fs/afs
History
David Howells 64795af3bd afs: Fix memory leak when mounting with multiple source parameters 
[ Upstream commit 4cb6829647 ]

There's a memory leak in afs_parse_source() whereby multiple source=
parameters overwrite fc->source in the fs_context struct without freeing
the previously recorded source.

Fix this by only permitting a single source parameter and rejecting with
an error all subsequent ones.

This was caught by syzbot with the kernel memory leak detector, showing
something like the following trace:

  unreferenced object 0xffff888114375440 (size 32):
    comm "repro", pid 5168, jiffies 4294923723 (age 569.948s)
    backtrace:
      slab_post_alloc_hook+0x42/0x79
      __kmalloc_track_caller+0x125/0x16a
      kmemdup_nul+0x24/0x3c
      vfs_parse_fs_string+0x5a/0xa1
      generic_parse_monolithic+0x9d/0xc5
      do_new_mount+0x10d/0x15a
      do_mount+0x5f/0x8e
      __do_sys_mount+0xff/0x127
      do_syscall_64+0x2d/0x3a
      entry_SYSCALL_64_after_hwframe+0x44/0xa9

Fixes: 13fcc68370 ("afs: Add fs_context support")
Reported-by: syzbot+86dc6632faaca40133ab@syzkaller.appspotmail.com
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Randy Dunlap <rdunlap@infradead.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2020-12-30 11:50:54 +01:00
..
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile afs: do not send list of client addresses 2019-06-02 18:06:26 -07:00
addr_list.c Keyrings namespacing 2019-07-08 19:36:47 -07:00
afs.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
afs_cm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
afs_fs.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
afs_vl.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cache.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
callback.c afs: Fix possible assert with callbacks from yfs servers 2019-11-22 14:19:26 -08:00
cell.c afs: Fix storage of cell names 2020-06-30 15:37:02 -04:00
cmservice.c afs: Fix to actually set AFS_SERVER_FL_HAVE_EPOCH 2020-05-02 08:48:43 +02:00
dir.c afs: Always include dir in bulk status fetch from afs_do_lookup() 2020-06-24 17:50:46 +02:00
dir_edit.c afs: Remove set but not used variables 'before', 'after' 2020-01-26 10:01:08 +01:00
dir_silly.c afs: Fix race between post-modification dir edit and readdir/d_revalidate 2020-04-23 10:36:25 +02:00
dynroot.c afs: Fix NULL deref in afs_dynroot_depopulate() 2020-08-26 10:41:05 +02:00
file.c fs: afs: Fix a possible null-pointer dereference in afs_put_read() 2019-07-30 14:38:51 +01:00
flock.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
fs_probe.c rxrpc: Make rxrpc_kernel_get_srtt() indicate validity 2020-09-09 19:12:23 +02:00
fsclient.c afs: Set error flag rather than return error from file status decode 2020-06-24 17:50:46 +02:00
inode.c afs: Fix EOF corruption 2020-06-24 17:50:46 +02:00
internal.h afs: Fix storage of cell names 2020-06-30 15:37:02 -04:00
main.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
misc.c afs: Fix the mapping of the UAEOVERFLOW abort code 2020-06-24 17:50:46 +02:00
mntpt.c afs: Fix mountpoint parsing 2020-01-09 10:19:48 +01:00
proc.c afs: Fix memory leak in afs_put_sysnames() 2020-06-24 17:50:42 +02:00
protocol_uae.h afs: Add support for the UAE error table 2019-06-28 18:37:53 +01:00
protocol_yfs.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
rotate.c afs: Make record checking use TASK_UNINTERRUPTIBLE when appropriate 2020-05-02 08:48:43 +02:00
rxrpc.c afs: Set error flag rather than return error from file status decode 2020-06-24 17:50:46 +02:00
security.c afs: Support RCU pathwalk 2019-09-02 11:43:54 +01:00
server.c afs: Make record checking use TASK_UNINTERRUPTIBLE when appropriate 2020-05-02 08:48:43 +02:00
server_list.c AFS development 2019-07-10 20:55:33 -07:00
super.c afs: Fix memory leak when mounting with multiple source parameters 2020-12-30 11:50:54 +01:00
vl_list.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
vl_probe.c rxrpc: Make rxrpc_kernel_get_srtt() indicate validity 2020-09-09 19:12:23 +02:00
vl_rotate.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
vlclient.c afs: Fix loop index mixup in afs_deliver_vl_get_entry_by_name_u() 2019-07-30 14:38:51 +01:00
volume.c afs: Make record checking use TASK_UNINTERRUPTIBLE when appropriate 2020-05-02 08:48:43 +02:00
write.c afs: afs_write_end() should change i_size under the right lock 2020-06-24 17:50:46 +02:00
xattr.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
xdr_fs.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
yfsclient.c afs: Fix warning due to unadvanced marshalling pointer 2020-11-18 19:20:18 +01:00