SUNRPC: fix some memleaks in gssx_dec_option_array

author Zhipeng Lu <alexious@zju.edu.cn>

Tue, 2 Jan 2024 05:38:13 +0000 (13:38 +0800)

committer Sasha Levin <sashal@kernel.org>

Tue, 26 Mar 2024 22:21:51 +0000 (18:21 -0400)
author Zhipeng Lu <alexious@zju.edu.cn>
Tue, 2 Jan 2024 05:38:13 +0000 (13:38 +0800)
committer Sasha Levin <sashal@kernel.org>
Tue, 26 Mar 2024 22:21:51 +0000 (18:21 -0400)
diff --git a/net/sunrpc/auth_gss/gss_rpc_xdr.c b/net/sunrpc/auth_gss/gss_rpc_xdr.c

index 2ff7b7083ebab9dee3d4d1196be181cb39ba6c11..e265b8d38aa14db3f7c89e5a050e7d45b890e586 100644 (file)
--- a/net/sunrpc/auth_gss/gss_rpc_xdr.c
+++ b/net/sunrpc/auth_gss/gss_rpc_xdr.c
@@ -250,8 +250,8 @@ static int gssx_dec_option_array(struct xdr_stream *xdr,
  
         creds = kzalloc(sizeof(struct svc_cred), GFP_KERNEL);
         if (!creds) {
-               kfree(oa->data);
-               return -ENOMEM;
+               err = -ENOMEM;
+               goto free_oa;
         }
  
         oa->data[0].option.data = CREDS_VALUE;
@@ -265,29 +265,40 @@ static int gssx_dec_option_array(struct xdr_stream *xdr,
  
                 /* option buffer */
                 p = xdr_inline_decode(xdr, 4);
-               if (unlikely(p == NULL))
-                       return -ENOSPC;
+               if (unlikely(p == NULL)) {
+                       err = -ENOSPC;
+                       goto free_creds;
+               }
  
                 length = be32_to_cpup(p);
                 p = xdr_inline_decode(xdr, length);
-               if (unlikely(p == NULL))
-                       return -ENOSPC;
+               if (unlikely(p == NULL)) {
+                       err = -ENOSPC;
+                       goto free_creds;
+               }
  
                 if (length == sizeof(CREDS_VALUE) &&
                     memcmp(p, CREDS_VALUE, sizeof(CREDS_VALUE)) == 0) {
                         /* We have creds here. parse them */
                         err = gssx_dec_linux_creds(xdr, creds);
                         if (err)
-                               return err;
+                               goto free_creds;
                         oa->data[0].value.len = 1; /* presence */
                 } else {
                         /* consume uninteresting buffer */
                         err = gssx_dec_buffer(xdr, &dummy);
                         if (err)
-                               return err;
+                               goto free_creds;
                 }
         }
         return 0;
+
+free_creds:
+       kfree(creds);
+free_oa:
+       kfree(oa->data);
+       oa->data = NULL;
+       return err;
  }
  
  static int gssx_dec_status(struct xdr_stream *xdr,
author	Zhipeng Lu <alexious@zju.edu.cn>
	Tue, 2 Jan 2024 05:38:13 +0000 (13:38 +0800)
committer	Sasha Levin <sashal@kernel.org>
	Tue, 26 Mar 2024 22:21:51 +0000 (18:21 -0400)