lkdtm: fix memory leak of base
This case is supposed to read from a memory after it has been freed, but we missed freeing base if the memory 'val' could not be allocated. Signed-off-by: Sudip Mukherjee <sudip.mukherjee@codethink.co.uk> Signed-off-by: Kees Cook <keescook@chromium.org>
This commit is contained in:

کامیت شده توسط
Kees Cook

والد
50fbd97773
کامیت
d2e10088ce
@@ -458,8 +458,10 @@ static void lkdtm_do_action(enum ctype which)
|
||||
break;
|
||||
|
||||
val = kmalloc(len, GFP_KERNEL);
|
||||
if (!val)
|
||||
if (!val) {
|
||||
kfree(base);
|
||||
break;
|
||||
}
|
||||
|
||||
*val = 0x12345678;
|
||||
base[offset] = *val;
|
||||
|
مرجع در شماره جدید
Block a user