audit: fix potential double free on error path from fsnotify_add_inode_mark (5985e603) · Commits · Summer2022 / 22b970497

Commit 5985e603 authored 2 years ago by

Gaosheng Cui Committed by Yongqiang Liu 2 years ago

audit: fix potential double free on error path from fsnotify_add_inode_mark

stable inclusion
from stable-v4.19.257
commit 1133d90d9d9ff3def7fc5ba160381cd611aa51ee
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I5UQH4


CVE: NA

--------------------------------

commit ad982c3be4e60c7d39c03f782733503cbd88fd2a upstream.

Audit_alloc_mark() assign pathname to audit_mark->path, on error path
from fsnotify_add_inode_mark(), fsnotify_put_mark will free memory
of audit_mark->path, but the caller of audit_alloc_mark will free
the pathname again, so there will be double free problem.

Fix this by resetting audit_mark->path to NULL pointer on error path
from fsnotify_add_inode_mark().

Cc: stable@vger.kernel.org
Fixes: 7b129323 ("fsnotify: Add group pointer in fsnotify_init_mark()")
Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-of...

parent 4fd23147

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 1 addition and 0 deletions

Please register or to comment