ocfs2: free memory allocated by inode_init_security

The LSM security_inode_init_security() hook allocates memory
for xattr name and value, expecting the caller to release
the memory afterwards.

reported-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Joel Becker <jlbec@evilplan.org>

diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c
index 81ecf9c0bf0ad41e0ac2fd523b1538afc3f57a07..fcd77a03fc631a403aa01a4d4e31565e920bbbd0 100644 (file)
--- a/fs/ocfs2/xattr.c
+++ b/fs/ocfs2/xattr.c
@@ -7185,12 +7185,11 @@ int ocfs2_init_security_and_acl(struct inode *dir,
 {
        int ret = 0;
        struct buffer_head *dir_bh = NULL;
-       struct ocfs2_security_xattr_info si = {
-               .enable = 1,
-       };
+       struct ocfs2_security_xattr_info si = {0, };
 
        ret = ocfs2_init_security_get(inode, dir, qstr, &si);
        if (!ret) {
+               si.enable = 1;
                ret = ocfs2_xattr_set(inode, OCFS2_XATTR_INDEX_SECURITY,
                                      si.name, si.value, si.value_len,
                                      XATTR_CREATE);
@@ -7216,6 +7215,10 @@ int ocfs2_init_security_and_acl(struct inode *dir,
        ocfs2_inode_unlock(dir, 0);
        brelse(dir_bh);
 leave:
+       if (si.enable) {
+               kfree(si.name);
+               kfree(si.value);
+       }
        return ret;
 }
 /*