|
 |
36cfb7 |
From bafabe7a067e647f97ae0df277bded8b9349db50 Mon Sep 17 00:00:00 2001
|
|
|
36cfb7 |
From: Andrea Claudi <aclaudi@redhat.com>
|
|
|
36cfb7 |
Date: Mon, 29 Apr 2019 20:08:07 +0200
|
|
|
36cfb7 |
Subject: [PATCH] lib/bpf: Don't leak fp in bpf_find_mntpt()
|
|
|
36cfb7 |
|
|
|
36cfb7 |
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1465646
|
|
|
36cfb7 |
Upstream Status: iproute2.git commit c3724e4bc3a6c
|
|
|
36cfb7 |
|
|
|
36cfb7 |
commit c3724e4bc3a6c40dc846f0c3b02934d711bf81fb
|
|
|
36cfb7 |
Author: Phil Sutter <phil@nwl.cc>
|
|
|
36cfb7 |
Date: Mon Aug 21 16:46:51 2017 +0200
|
|
|
36cfb7 |
|
|
|
36cfb7 |
lib/bpf: Don't leak fp in bpf_find_mntpt()
|
|
|
36cfb7 |
|
|
|
36cfb7 |
If fopen() succeeded but len != PATH_MAX, the function leaks the open
|
|
|
36cfb7 |
FILE pointer. Fix this by checking len value before calling fopen().
|
|
|
36cfb7 |
|
|
|
36cfb7 |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
36cfb7 |
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
|
36cfb7 |
---
|
|
|
36cfb7 |
lib/bpf.c | 5 ++++-
|
|
|
36cfb7 |
1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
36cfb7 |
|
|
|
36cfb7 |
diff --git a/lib/bpf.c b/lib/bpf.c
|
|
|
36cfb7 |
index 3aabf44d1abf8..33c5288e82187 100644
|
|
|
36cfb7 |
--- a/lib/bpf.c
|
|
|
36cfb7 |
+++ b/lib/bpf.c
|
|
|
36cfb7 |
@@ -432,8 +432,11 @@ static const char *bpf_find_mntpt(const char *fstype, unsigned long magic,
|
|
|
36cfb7 |
}
|
|
|
36cfb7 |
}
|
|
|
36cfb7 |
|
|
|
36cfb7 |
+ if (len != PATH_MAX)
|
|
|
36cfb7 |
+ return NULL;
|
|
|
36cfb7 |
+
|
|
|
36cfb7 |
fp = fopen("/proc/mounts", "r");
|
|
|
36cfb7 |
- if (fp == NULL || len != PATH_MAX)
|
|
|
36cfb7 |
+ if (fp == NULL)
|
|
|
36cfb7 |
return NULL;
|
|
|
36cfb7 |
|
|
|
36cfb7 |
while (fscanf(fp, "%*s %" textify(PATH_MAX) "s %99s %*s %*d %*d\n",
|
|
|
36cfb7 |
--
|
|
|
e138d9 |
2.21.0
|
|
|
36cfb7 |
|