WSL2-Linux-Kernel/security
Gaosheng Cui 2de8eec8af capabilities: fix potential memleak on error path from vfs_getxattr_alloc()
commit 8cf0a1bc12 upstream.

In cap_inode_getsecurity(), we will use vfs_getxattr_alloc() to
complete the memory allocation of tmpbuf, if we have completed
the memory allocation of tmpbuf, but failed to call handler->get(...),
there will be a memleak in below logic:

  |-- ret = (int)vfs_getxattr_alloc(mnt_userns, ...)
    |           /* ^^^ alloc for tmpbuf */
    |-- value = krealloc(*xattr_value, error + 1, flags)
    |           /* ^^^ alloc memory */
    |-- error = handler->get(handler, ...)
    |           /* error! */
    |-- *xattr_value = value
    |           /* xattr_value is &tmpbuf (memory leak!) */

So we will try to free(tmpbuf) after vfs_getxattr_alloc() fails to fix it.

Cc: stable@vger.kernel.org
Fixes: 8db6c34f1d ("Introduce v3 namespaced file capabilities")
Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com>
Acked-by: Serge Hallyn <serge@hallyn.com>
[PM: subject line and backtrace tweaks]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-11-10 18:15:39 +01:00
..
apparmor apparmor: Fix memleak in aa_simple_write_to_buffer() 2022-08-25 11:40:01 +02:00
bpf
integrity ima: fix blocking of security.ima xattrs of unsupported algorithms 2022-10-26 12:34:35 +02:00
keys KEYS: trusted: tpm2: Fix migratable logic 2022-06-14 18:36:25 +02:00
landlock landlock: Fix same-layer rule unions 2022-06-09 10:23:24 +02:00
loadpin
lockdown
safesetid
selinux selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() 2022-10-29 10:12:54 +02:00
smack Fix incorrect type in assignment of ipv6 port for audit 2022-04-08 14:23:55 +02:00
tomoyo TOMOYO: fix __setup handlers return values 2022-04-08 14:23:35 +02:00
yama
Kconfig x86/retbleed: Add fine grained Kconfig knobs 2022-07-23 12:54:10 +02:00
Kconfig.hardening hardening: Remove Clang's enable flag for -ftrivial-auto-var-init=zero 2022-10-26 12:34:28 +02:00
Makefile security: remove unneeded subdir-$(CONFIG_...) 2021-09-03 08:17:20 +09:00
commoncap.c capabilities: fix potential memleak on error path from vfs_getxattr_alloc() 2022-11-10 18:15:39 +01:00
device_cgroup.c
inode.c
lsm_audit.c
min_addr.c
security.c lockdown: also lock down previous kgdb use 2022-05-25 09:57:37 +02:00