Commit:     fc6014771bde8a215a9a4ea24b45f76afeb3c922
Parent:     3d1c550874bcaf0d9b7fb66f601caed109074f4b
Author:     Chuck Lever <[EMAIL PROTECTED]>
AuthorDate: Wed Jan 16 16:38:10 2008 -0500
Committer:  Trond Myklebust <[EMAIL PROTECTED]>
CommitDate: Wed Jan 30 02:06:11 2008 -0500

    NFS: Address memory leaks in the NFS client mount option parser
    David Howells noticed that repeating the same mount option twice during an
    NFS mount request can result in orphaned memory in certain cases.
    Only the client_address and mount_server.hostname strings are initialized
    in the mount parsing loop, so those appear to be the only two pointers that
    might be written over by repeating a mount option.  The strings in the
    nfs_server section of the nfs_parsed_mount_data structure are set only once
    after the options are parsed, thus these are not susceptible to being
    Signed-off-by: Chuck Lever <[EMAIL PROTECTED]>
    Signed-off-by: Trond Myklebust <[EMAIL PROTECTED]>
 fs/nfs/super.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index 0d1bc61..22c49c0 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -1006,12 +1006,14 @@ static int nfs_parse_mount_options(char *raw,
                        string = match_strdup(args);
                        if (string == NULL)
                                goto out_nomem;
+                       kfree(mnt->client_address);
                        mnt->client_address = string;
                case Opt_mounthost:
                        string = match_strdup(args);
                        if (string == NULL)
                                goto out_nomem;
+                       kfree(mnt->mount_server.hostname);
                        mnt->mount_server.hostname = string;
                case Opt_mountaddr:
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at

Reply via email to