linux_old1/fs
Oleg Nesterov e7fd1549ae coredump: format_corename() can leak cn->corename
do_coredump() assumes that format_corename() can only fail if
expand_corename() fails and frees cn->corename.  This is not true, for
example cn_print_exe_file() can fail and in this case nobody frees
cn->corename.

Change do_coredump() to always do kfree(cn->corename) after it calls
format_corename() (NULL is fine), change expand_corename() to do nothing
if kmalloc() fails.

Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Cc: Andi Kleen <andi@firstfloor.org>
Cc: Colin Walters <walters@verbum.org>
Cc: Denys Vlasenko <vda.linux@googlemail.com>
Cc: Jiri Slaby <jslaby@suse.cz>
Cc: Lennart Poettering <mzxreary@0pointer.de>
Cc: Lucas De Marchi <lucas.de.marchi@gmail.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2013-07-03 16:08:02 -07:00
..
9p Lots of bug fixes, cleanups and optimizations. In the bug fixes 2013-07-02 09:39:34 -07:00
adfs Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
affs Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
afs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-03 09:10:19 -07:00
autofs4 [readdir] switch dcache_readdir() users to ->iterate() 2013-06-29 12:46:48 +04:00
befs [readdir] convert befs 2013-06-29 12:56:55 +04:00
bfs [readdir] convert bfs 2013-06-29 12:56:33 +04:00
btrfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-03 09:10:19 -07:00
cachefiles mm: remove lru parameter from __pagevec_lru_add and remove parts of pagevec API 2013-07-03 16:07:31 -07:00
ceph Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-03 09:10:19 -07:00
cifs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-03 09:10:19 -07:00
coda coda: don't bother with find_inode_number() 2013-06-29 12:57:20 +04:00
configfs configfs: use capped length for ->store_attribute() 2013-07-03 16:07:23 -07:00
cramfs [readdir] convert f2fs 2013-06-29 12:56:46 +04:00
debugfs debugfs: write_file_bool() - ensure strtobool() operates on valid data 2013-06-03 13:55:02 -07:00
devpts fs: Limit sys_mount to only request filesystem modules (Part 2). 2013-03-07 01:08:55 -08:00
dlm dlm: Avoid LVB truncation 2013-06-26 11:38:02 -05:00
ecryptfs ecryptfs: switch ecryptfs_decode_and_decrypt_filename() from dentry to sb 2013-06-29 12:57:25 +04:00
efivarfs Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
efs [readdir] convert efs 2013-06-29 12:56:31 +04:00
exofs Lots of bug fixes, cleanups and optimizations. In the bug fixes 2013-07-02 09:39:34 -07:00
exportfs [readdir] constify ->actor 2013-06-29 12:57:05 +04:00
ext2 [O_TMPFILE] it's still short a few helpers, but infrastructure should be OK now... 2013-06-29 12:57:10 +04:00
ext3 mm: vmscan: take page buffers dirty and locked state into account 2013-07-03 16:07:29 -07:00
ext4 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-03 09:10:19 -07:00
f2fs This patch-set includes the following major enhancement patches. 2013-07-02 09:42:38 -07:00
fat fs/fat: use fat_msg() to replace printk() in __fat_fs_error() 2013-07-03 16:08:01 -07:00
freevxfs [readdir] convert freevxfs 2013-06-29 12:56:53 +04:00
fscache FS-Cache: Don't use spin_is_locked() in assertions 2013-06-19 14:16:47 +01:00
fuse mm: use totalram_pages instead of num_physpages at runtime 2013-07-03 16:07:35 -07:00
gfs2 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-03 09:10:19 -07:00
hfs Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
hfsplus Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
hostfs [readdir] convert hostfs 2013-06-29 12:56:59 +04:00
hpfs Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
hppfs clean up scary strncpy(dst, src, strlen(src)) uses 2013-07-03 16:07:41 -07:00
hugetlbfs hugetlbfs: fix mmap failure in unaligned size request 2013-05-07 18:38:27 -07:00
isofs Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
jbd jbd: change journal_invalidatepage() to accept length 2013-05-21 23:26:36 -04:00
jbd2 jbd2: invalidate handle if jbd2_journal_restart() fails 2013-07-01 08:12:41 -04:00
jffs2 [readdir] convert jffs2 2013-06-29 12:56:47 +04:00
jfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-03 09:10:19 -07:00
lockd drivers: avoid parsing names as kthread_run() format strings 2013-07-03 16:07:41 -07:00
logfs Lots of bug fixes, cleanups and optimizations. In the bug fixes 2013-07-02 09:39:34 -07:00
minix minix: bug widening a binary "not" operation 2013-06-29 12:57:35 +04:00
ncpfs ncpfs: use vma_pages() to replace (vm_end - vm_start) >> PAGE_SHIFT 2013-07-03 16:07:26 -07:00
nfs drivers: avoid parsing names as kthread_run() format strings 2013-07-03 16:07:41 -07:00
nfs_common nfs_common: Update the translation between nfsv3 acls linux posix acls 2013-02-13 06:15:14 -08:00
nfsd locks: protect most of the file_lock handling with i_lock 2013-06-29 12:57:42 +04:00
nilfs2 ] nilfs2: use atomic64_t type for inodes_count and blocks_count fields in nilfs_root struct 2013-07-03 16:08:01 -07:00
nls
notify fanotify: quit wanking with FASYNC in ->release() 2013-06-29 12:57:23 +04:00
ntfs Lots of bug fixes, cleanups and optimizations. In the bug fixes 2013-07-02 09:39:34 -07:00
ocfs2 ocfs2: fix NULL pointer dereference when traversing o2hb_all_regions 2013-07-03 16:07:25 -07:00
omfs [readdir] convert omfs 2013-06-29 12:56:37 +04:00
openpromfs [readdir] convert openpromfs 2013-06-29 12:56:32 +04:00
proc vmcore: support mmap() on /proc/vmcore 2013-07-03 16:07:30 -07:00
pstore Couple of pstore cleanups 2013-05-09 16:42:10 -07:00
qnx4 [readdir] convert qnx4 2013-06-29 12:56:38 +04:00
qnx6 [readdir] convert qnx6 2013-06-29 12:56:39 +04:00
quota quota: add missing use of dq_data_lock in __dquot_initialize 2013-03-11 22:05:56 +01:00
ramfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-02-26 20:16:07 -08:00
reiserfs Lots of bug fixes, cleanups and optimizations. In the bug fixes 2013-07-02 09:39:34 -07:00
romfs [readdir] convert romfs 2013-06-29 12:56:29 +04:00
squashfs [readdir] convert squashfs 2013-06-29 12:56:28 +04:00
sysfs Driver core patches for 3.11-rc1 2013-07-02 11:44:19 -07:00
sysv Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
ubifs Lots of bug fixes, cleanups and optimizations. In the bug fixes 2013-07-02 09:39:34 -07:00
udf udf: provide ->tmpfile() 2013-06-29 12:57:12 +04:00
ufs [readdir] simple local unixlike: switch to ->iterate() 2013-06-29 12:46:47 +04:00
xfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-03 09:10:19 -07:00
Kconfig efivarfs: Move to fs/efivarfs 2013-04-17 13:25:09 +01:00
Kconfig.binfmt fs: make binfmt support for #! scripts modular and removable 2013-04-30 17:04:04 -07:00
Makefile Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
aio.c constify rw_verify_area() 2013-06-29 12:57:34 +04:00
anon_inodes.c get_empty_filp()/alloc_file() leave both ->f_pos and ->f_version zero 2013-02-26 02:46:11 -05:00
attr.c
bad_inode.c [readdir] ->readdir() is gone 2013-06-29 12:57:04 +04:00
binfmt_aout.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
binfmt_elf.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2013-05-02 10:16:16 -07:00
binfmt_elf_fdpic.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc 2013-05-02 10:16:16 -07:00
binfmt_em86.c
binfmt_flat.c new helper: read_code() 2013-04-29 15:40:23 -04:00
binfmt_misc.c binfmt_misc: reuse string_unescape_inplace() 2013-04-30 17:04:03 -07:00
binfmt_script.c
binfmt_som.c
bio-integrity.c bio-integrity: Add explicit field for owner of bip_buf 2013-03-23 14:26:34 -07:00
bio.c Merge branch 'for-3.10/core' of git://git.kernel.dk/linux-block 2013-05-08 10:13:35 -07:00
block_dev.c mm: vmscan: take page buffers dirty and locked state into account 2013-07-03 16:07:29 -07:00
buffer.c mm: vmscan: take page buffers dirty and locked state into account 2013-07-03 16:07:29 -07:00
char_dev.c
compat.c [readdir] constify ->actor 2013-06-29 12:57:05 +04:00
compat_binfmt_elf.c
compat_ioctl.c compat.c: LOOP_CLR_FD is taken care of in loop.c itself... 2013-06-29 12:46:44 +04:00
coredump.c coredump: format_corename() can leak cn->corename 2013-07-03 16:08:02 -07:00
coredump.h
dcache.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-03 09:10:19 -07:00
dcookies.c consolidate compat lookup_dcookie() 2013-03-03 23:00:23 -05:00
direct-io.c Merge branch 'for-3.10/core' of git://git.kernel.dk/linux-block 2013-05-08 10:13:35 -07:00
drop_caches.c
eventfd.c
eventpoll.c signals: eventpoll: do not use sigprocmask() 2013-07-03 16:08:01 -07:00
exec.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-03 09:10:19 -07:00
fcntl.c new helper: file_inode(file) 2013-02-22 23:31:31 -05:00
fhandle.c
file.c don't bother with deferred freeing of fdtables 2013-05-01 17:31:42 -04:00
file_table.c Replace a bunch of file->dentry->d_inode refs with file_inode() 2013-06-29 12:57:13 +04:00
filesystems.c fs: Limit sys_mount to only request filesystem modules. 2013-03-03 19:36:31 -08:00
fs-writeback.c sync: don't block the flusher thread waiting on IO 2013-07-02 09:16:42 -07:00
fs_struct.c constify path_get/path_put and fs_struct.c stuff 2013-03-01 23:51:07 -05:00
generic_acl.c
inode.c allow the temp files created by open() to be linked to 2013-06-29 12:57:11 +04:00
internal.h constify rw_verify_area() 2013-06-29 12:57:34 +04:00
ioctl.c new helper: file_inode(file) 2013-02-22 23:31:31 -05:00
ioprio.c
libfs.c [readdir] switch dcache_readdir() users to ->iterate() 2013-06-29 12:46:48 +04:00
locks.c locks: give the blocked_hash its own spinlock 2013-06-29 12:57:46 +04:00
mbcache.c
mount.h get rid of full-hash scan on detaching vfsmounts 2013-04-09 14:12:52 -04:00
mpage.c
namei.c Don't pass inode to ->d_hash() and ->d_compare() 2013-06-29 12:57:36 +04:00
namespace.c create_mnt_ns: unidiomatic use of list_add() 2013-05-04 15:18:53 -04:00
no-block.c
open.c [O_TMPFILE] it's still short a few helpers, but infrastructure should be OK now... 2013-06-29 12:57:10 +04:00
pipe.c aio: don't include aio.h in sched.h 2013-05-07 20:16:25 -07:00
pnode.c vfs: Fix invalid ida_remove() call 2013-05-31 15:16:33 -04:00
pnode.h Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
posix_acl.c
proc_namespace.c
read_write.c vfs: export lseek_execute() to modules 2013-07-03 16:23:27 +04:00
readdir.c [readdir] constify ->actor 2013-06-29 12:57:05 +04:00
select.c
seq_file.c new helper: single_open_size() 2013-04-09 14:13:29 -04:00
signalfd.c switch signalfd{,4}() to COMPAT_SYSCALL_DEFINE 2013-03-03 22:58:46 -05:00
splice.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-07-03 09:10:19 -07:00
stack.c
stat.c switch vfs_getattr() to struct path 2013-02-26 02:46:08 -05:00
statfs.c
super.c hlist: drop the node parameter from iterators 2013-02-27 19:10:24 -08:00
sync.c teach SYSCALL_DEFINE<n> how to deal with long long/unsigned long long 2013-03-03 22:46:22 -05:00
timerfd.c compat: restore timerfd settime and gettime compat syscalls 2013-03-02 09:35:13 -05:00
utimes.c
xattr.c
xattr_acl.c