[Patch 5/9] fs/binfmt_em86.c: fix resource leaks
From: WANG Cong
Date: Thu May 08 2008 - 09:57:02 EST
->load_binary()'s caller only frees resources which ->load_binary() applied
when it succeeded, so ->load_binary() itself should free the resources on
failure.
Signed-off-by: WANG Cong <wangcong@xxxxxxxxx>
---
diff --git a/fs/binfmt_em86.c b/fs/binfmt_em86.c
index f9c88d0..caa8466 100644
--- a/fs/binfmt_em86.c
+++ b/fs/binfmt_em86.c
@@ -69,11 +69,13 @@ static int load_em86(struct linux_binprm *bprm,struct pt_regs *regs)
bprm->argc++;
if (i_arg) {
retval = copy_strings_kernel(1, &i_arg, bprm);
- if (retval < 0) return retval;
+ if (retval < 0)
+ goto out;
bprm->argc++;
}
retval = copy_strings_kernel(1, &i_name, bprm);
- if (retval < 0) return retval;
+ if (retval < 0)
+ goto out;
bprm->argc++;
/*
@@ -82,16 +84,27 @@ static int load_em86(struct linux_binprm *bprm,struct pt_regs *regs)
* space, and we don't need to copy it.
*/
file = open_exec(interp);
- if (IS_ERR(file))
- return PTR_ERR(file);
+ if (IS_ERR(file)) {
+ retval = PTR_ERR(file);
+ goto out;
+ }
bprm->file = file;
retval = prepare_binprm(bprm);
- if (retval < 0)
- return retval;
+ if (retval < 0) {
+ if (bprm->file) {
+ allow_write_access(bprm->file);
+ fput(bprm->file);
+ }
+ goto out;
+ }
return search_binary_handler(bprm, regs);
+
+out:
+ free_arg_pages(bprm);
+ return retval;
}
static struct linux_binfmt em86_format = {
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/