diff options
| author | Artem Bityutskiy <Artem.Bityutskiy@nokia.com> | 2011-05-06 17:08:56 +0300 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2011-06-03 10:34:38 +0900 |
| commit | c02eace342342b3156426e7a5ffe1ddc93552c51 (patch) | |
| tree | cc36596dfb623fd4e7e47594c8a70f0650f592dd | |
| parent | b93e342044640789e34a48893c120875afbcb07d (diff) | |
UBIFS: fix a rare memory leak in ro to rw remounting path
commit eaeee242c531cd4b0a4a46e8b5dd7ef504380c42 upstream.
When re-mounting from R/O mode to R/W mode and the LEB count in the superblock
is not up-to date, because for the underlying UBI volume became larger, we
re-write the superblock. We allocate RAM for these purposes, but never free it.
So this is a memory leak, although very rare one.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
| -rw-r--r-- | fs/ubifs/sb.c | 3 | ||||
| -rw-r--r-- | fs/ubifs/super.c | 1 |
2 files changed, 3 insertions, 1 deletions
diff --git a/fs/ubifs/sb.c b/fs/ubifs/sb.c index bf31b4729e51..cad60b51f7c4 100644 --- a/fs/ubifs/sb.c +++ b/fs/ubifs/sb.c @@ -475,7 +475,8 @@ failed: * @c: UBIFS file-system description object * * This function returns a pointer to the superblock node or a negative error - * code. + * code. Note, the user of this function is responsible of kfree()'ing the + * returned superblock buffer. */ struct ubifs_sb_node *ubifs_read_sb_node(struct ubifs_info *c) { diff --git a/fs/ubifs/super.c b/fs/ubifs/super.c index e20cb5a9aee5..38749e76dda5 100644 --- a/fs/ubifs/super.c +++ b/fs/ubifs/super.c @@ -1560,6 +1560,7 @@ static int ubifs_remount_rw(struct ubifs_info *c) } sup->leb_cnt = cpu_to_le32(c->leb_cnt); err = ubifs_write_sb_node(c, sup); + kfree(sup); if (err) goto out; } |