Diffusion FreeBSD src repository 06ee0031a6d6

Fix memleak in zpl_parse_options
06ee0031a6d6
Actions

Description

Fix memleak in zpl_parse_options

strsep() will advance tmp_mntopts, and will change it to NULL on last
iteration. This will cause strfree(tmp_mntopts) to not free anything.

unreferenced object 0xffff8800883976c0 (size 64):

comm "mount.zfs", pid 3361, jiffies 4294931877 (age 1482.408s)
hex dump (first 32 bytes):
  72 77 00 73 74 72 69 63 74 61 74 69 6d 65 00 7a  rw.strictatime.z
  66 73 75 74 69 6c 00 6d 6e 74 70 6f 69 6e 74 3d  fsutil.mntpoint=
backtrace:
  [<ffffffff81810c4e>] kmemleak_alloc+0x4e/0xb0
  [<ffffffff811f9cac>] __kmalloc+0x16c/0x250
  [<ffffffffc065ce9b>] strdup+0x3b/0x60 [spl]
  [<ffffffffc080fad6>] zpl_parse_options+0x56/0x300 [zfs]
  [<ffffffffc080fe46>] zpl_mount+0x36/0x80 [zfs]
  [<ffffffff81222dc8>] mount_fs+0x38/0x160
  [<ffffffff81240097>] vfs_kern_mount+0x67/0x110
  [<ffffffff812428e0>] do_mount+0x250/0xe20
  [<ffffffff812437d5>] SyS_mount+0x95/0xe0
  [<ffffffff8181aff6>] entry_SYSCALL_64_fastpath+0x1e/0xa8
  [<ffffffffffffffff>] 0xffffffffffffffff

Signed-off-by: Chunwei Chen <david.chen@osnexus.com>
Signed-off-by: Tony Hutter <hutter2@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #4706
Issue #4708

Details

Provenance

Chunwei Chen <david.chen@osnexus.com>	Authored on May 27 2016, 10:44 PM
Brian Behlendorf <behlendorf1@llnl.gov>	Committed on May 31 2016, 11:04 PM

Parents

rG540c39279322: Fix out-of-bound access in zfs_fillpage

Branches

Unknown

Tags

Unknown

Event Timeline

Brian Behlendorf <behlendorf1@llnl.gov> committed rG06ee0031a6d6: Fix memleak in zpl_parse_options (authored by Chunwei Chen <david.chen@osnexus.com>).May 31 2016, 11:04 PM

Changes (1)

Path

Size

module/

zfs/

zpl_super.c

rG06ee0031a6d6

View Options