ext4 crypto: clean up error handling in ext4_fname_setup_filename
Theodore Ts'o [Fri, 29 May 2015 01:39:33 +0000 (21:39 -0400)]
Fix a potential memory leak where fname->crypto_buf.name wouldn't get
freed in some error paths, and also make the error handling easier to
understand/audit.

Change-Id: I251041ff2df61dcc2a818539783cfc0de2e2933a
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Theodore Ts'o <tytso@google.com>

fs/ext4/crypto_fname.c

index 29a2dc9..23af41f 100644 (file)
@@ -401,7 +401,7 @@ int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
              ((iname->name[1] == '.') && (iname->len == 2))))) {
                fname->disk_name.name = (unsigned char *) iname->name;
                fname->disk_name.len = iname->len;
-               goto out;
+               return 0;
        }
        ret = ext4_get_encryption_info(dir);
        if (ret)
@@ -411,19 +411,16 @@ int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
                ret = ext4_fname_crypto_alloc_buffer(dir, iname->len,
                                                     &fname->crypto_buf);
                if (ret < 0)
-                       goto out;
+                       return ret;
                ret = ext4_fname_encrypt(dir, iname, &fname->crypto_buf);
                if (ret < 0)
-                       goto out;
+                       goto errout;
                fname->disk_name.name = fname->crypto_buf.name;
                fname->disk_name.len = fname->crypto_buf.len;
-               ret = 0;
-               goto out;
-       }
-       if (!lookup) {
-               ret = -EACCES;
-               goto out;
+               return 0;
        }
+       if (!lookup)
+               return -EACCES;
 
        /* We don't have the key and we are doing a lookup; decode the
         * user-supplied name
@@ -431,19 +428,17 @@ int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
        if (iname->name[0] == '_')
                bigname = 1;
        if ((bigname && (iname->len != 33)) ||
-           (!bigname && (iname->len > 43))) {
-               ret = -ENOENT;
-       }
+           (!bigname && (iname->len > 43)))
+               return -ENOENT;
+
        fname->crypto_buf.name = kmalloc(32, GFP_KERNEL);
-       if (fname->crypto_buf.name == NULL) {
-               ret = -ENOMEM;
-               goto out;
-       }
+       if (fname->crypto_buf.name == NULL)
+               return -ENOMEM;
        ret = digest_decode(iname->name + bigname, iname->len - bigname,
                            fname->crypto_buf.name);
        if (ret < 0) {
                ret = -ENOENT;
-               goto out;
+               goto errout;
        }
        fname->crypto_buf.len = ret;
        if (bigname) {
@@ -453,8 +448,10 @@ int ext4_fname_setup_filename(struct inode *dir, const struct qstr *iname,
                fname->disk_name.name = fname->crypto_buf.name;
                fname->disk_name.len = fname->crypto_buf.len;
        }
-       ret = 0;
-out:
+       return 0;
+errout:
+       kfree(fname->crypto_buf.name);
+       fname->crypto_buf.name = NULL;
        return ret;
 }