Re: [PATCH] vfs: rw_copy_check_uvector() - free iov on error

From: Eric Biggers
Date: Wed Apr 23 2014 - 01:25:45 EST

Next message: Jaegeuk Kim: "[PATCH 1/3] f2fs: clean up long variable names"
Previous message: Ian Kent: "[PATCH] autofs - fix lockref lookup"
In reply to: Eric Biggers: "Re: [PATCH] vfs: rw_copy_check_uvector() - free iov on error"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 23, 2014 at 12:06:39AM -0500, Eric Biggers wrote:
> The proposed patch doesn't work because in compat_rw_copy_check_uvector(), 'iov'
> is incremented in the loop before it is freed or returned. This probably should
> be changed to indexing with 'seg', like in the non-compat version...

Also, there is still a memory leak in vmsplice() as it does not free the iov
buffer if 0 is returned from rw_copy_check_uvector() (possible if all segments
are of zero length).
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jaegeuk Kim: "[PATCH 1/3] f2fs: clean up long variable names"
Previous message: Ian Kent: "[PATCH] autofs - fix lockref lookup"
In reply to: Eric Biggers: "Re: [PATCH] vfs: rw_copy_check_uvector() - free iov on error"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]