btrfs: ref-verify: fix memory leaks in btrfs_ref_tree_mod()
stable inclusion from stable-v6.6.5 commit 88287582f4d2dec54f934f3ab39cead5d880e6c2 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I8N21P Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=88287582f4d2dec54f934f3ab39cead5d880e6c2 -------------------------------- commit f91192cd68591c6b037da345bc9fcd5e50540358 upstream. In btrfs_ref_tree_mod(), when !parent 're' was allocated through kmalloc(). In the following code, if an error occurs, the execution will be redirected to 'out' or 'out_unlock' and the function will be exited. However, on some of the paths, 're' are not deallocated and may lead to memory leaks. For example: lookup_block_entry() for 'be' returns NULL, the out label will be invoked. During that flow ref and 'ra' are freed but not 're', which can potentially lead to a memory leak. CC: stable@vger.kernel.org # 5.10+ Reported-and-tested-by:<syzbot+d66de4cbf532749df35f@syzkaller.appspotmail.com> Closes: https://syzkaller.appspot.com/bug?extid=d66de4cbf532749df35f Signed-off-by:
Loading
Please sign in to comment