diff options
author | Liu ShuoX <shuox.liu@intel.com> | 2014-03-12 14:34:06 +0100 |
---|---|---|
committer | Tony Luck <tony.luck@intel.com> | 2014-03-17 22:14:03 +0100 |
commit | e32634f5d57f1dce88624b70a6d625915f6ea09e (patch) | |
tree | 4513a848223494dfc910554f74f7e89b084c9e39 /fs/pstore | |
parent | pstore: Fix buffer overflow while write offset equal to buffer size (diff) | |
download | linux-e32634f5d57f1dce88624b70a6d625915f6ea09e.tar.xz linux-e32634f5d57f1dce88624b70a6d625915f6ea09e.zip |
pstore: Fix memory leak when decompress using big_oops_buf
After sucessful decompressing, the buffer which pointed by 'buf' will be
lost as 'buf' is overwrite by 'big_oops_buf' and will never be freed.
Signed-off-by: Liu ShuoX <shuox.liu@intel.com>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Tony Luck <tony.luck@intel.com>
Diffstat (limited to 'fs/pstore')
-rw-r--r-- | fs/pstore/platform.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 78c3c2097787..46d269e38706 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c @@ -497,6 +497,7 @@ void pstore_get_records(int quiet) big_oops_buf_sz); if (unzipped_len > 0) { + kfree(buf); buf = big_oops_buf; size = unzipped_len; compressed = false; |