block: do not leak memory in bio_copy_user_iov() [Linux 3.16.72]

This Linux kernel change "block: do not leak memory in bio_copy_user_iov()" is included in the Linux 3.16.72 release. This change is authored by Jérôme Glisse <jglisse [at] redhat.com> on Wed Apr 10 16:27:51 2019 -0400. The commit for this change in Linux stable tree is 06b4ee3 (patch) which is from upstream commit a3761c3. The same Linux upstream change may have been applied to various maintained Linux releases and you can find all Linux releases containing changes from upstream a3761c3.

block: do not leak memory in bio_copy_user_iov()

commit a3761c3c91209b58b6f33bf69dd8bb8ec0c9d925 upstream.

When bio_add_pc_page() fails in bio_copy_user_iov() we should free
the page we just allocated otherwise we are leaking it.

Cc: [email protected]
Cc: Linus Torvalds <[email protected]>
Reviewed-by: Chaitanya Kulkarni <[email protected]>
Signed-off-by: Jérôme Glisse <[email protected]>
Signed-off-by: Jens Axboe <[email protected]>
Signed-off-by: Ben Hutchings <[email protected]>

There are 5 lines of Linux source code added/deleted in this change. Code changes to Linux kernel are as follows.

 block/bio.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/block/bio.c b/block/bio.c
index 4218dab..3163dac 100644
--- a/block/bio.c
+++ b/block/bio.c
@@ -1216,8 +1216,11 @@ struct bio *bio_copy_user_iov(struct request_queue *q,
            }
        }

-       if (bio_add_pc_page(q, bio, page, bytes, offset) < bytes)
+       if (bio_add_pc_page(q, bio, page, bytes, offset) < bytes) {
+           if (!map_data)
+               __free_page(page);
            break;
+       }

        len -= bytes;
        offset = 0;

Leave a Reply

Your email address will not be published. Required fields are marked *