qiurui
/
Ubuntu-focal-kernel
mirror of https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Ubuntu-focal-kernel/kernel
History
Gaosheng Cui 631a75efb6 audit: fix potential double free on error path from fsnotify_add_inode_mark 
BugLink: https://bugs.launchpad.net/bugs/1991156

commit ad982c3be4e60c7d39c03f782733503cbd88fd2a upstream.

Audit_alloc_mark() assign pathname to audit_mark->path, on error path
from fsnotify_add_inode_mark(), fsnotify_put_mark will free memory
of audit_mark->path, but the caller of audit_alloc_mark will free
the pathname again, so there will be double free problem.

Fix this by resetting audit_mark->path to NULL pointer on error path
from fsnotify_add_inode_mark().

Cc: stable@vger.kernel.org
Fixes: 7b12932340 ("fsnotify: Add group pointer in fsnotify_init_mark()")
Signed-off-by: Gaosheng Cui <cuigaosheng1@huawei.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>
 		2022-10-17 15:02:07 +02:00
..
bpf bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() 2022-09-16 11:00:21 +02:00
cgroup cgroup: Use separate src/dst nodes when preloading css_sets for migration 2022-09-16 10:59:12 +02:00
configs
debug UBUNTU: SAUCE: debug: Lock down kgdb 2022-05-21 11:27:20 -03:00
dma dma-debug: make things less spammy under memory pressure 2022-08-26 11:10:39 +02:00
events perf/core: Fix data race between perf_event_set_output() and perf_mmap_close() 2022-09-16 10:59:38 +02:00
gcov
irq genirq: Don't return error on missing optional irq_request_resources() 2022-10-17 15:00:22 +02:00
livepatch
locking locking/lockdep: Avoid RCU-induced noinstr fail 2022-01-13 18:42:05 +01:00
power PM: hibernate: defer device probing when resuming from hibernation 2022-10-17 15:00:27 +02:00
printk printk: fix return value of printk.devkmsg __setup handler 2022-05-20 15:18:43 +02:00
rcu rcu: Don't deboost before reporting expedited quiescent state 2022-05-20 15:18:07 +02:00
sched nohz/full, sched/rt: Fix missed tick-reenabling bug in dequeue_task_rt() 2022-10-17 15:00:33 +02:00
time timekeeping: contribute wall clock to rng on time change 2022-10-17 15:01:30 +02:00
trace tracing/probes: Have kprobes and uprobes use $COMM too 2022-10-17 15:02:04 +02:00
.gitignore
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
Makefile
acct.c
async.c Revert "module, async: async_synchronize_full() on module init iff async is used" 2022-04-14 11:32:16 +02:00
audit.c audit: improve audit queue handling when "audit=1" on cmdline 2022-03-29 09:13:56 +02:00
audit.h audit: log AUDIT_TIME_* records only from rules 2022-05-20 15:18:33 +02:00
audit_fsnotify.c audit: fix potential double free on error path from fsnotify_add_inode_mark 2022-10-17 15:02:07 +02:00
audit_tree.c
audit_watch.c
auditfilter.c
auditsc.c audit: log AUDIT_TIME_* records only from rules 2022-05-20 15:18:33 +02:00
backtracetest.c
bounds.c
capability.c
compat.c
configs.c
context_tracking.c
cpu.c random: clear fast pool, crng, and batches in cpuhp bring up 2022-08-26 11:10:11 +02:00
cpu_pm.c
crash_core.c
crash_dump.c
cred.c
delayacct.c
dma.c
exec_domain.c
exit.c
extable.c
fail_function.c
fork.c copy_process(): Move fd_install() out of sighand->siglock critical section 2022-04-14 11:32:25 +02:00
freezer.c
futex.c
gen_kheaders.sh
groups.c
hung_task.c
iomem.c
irq_work.c
jump_label.c jump_label: Fix usage in module __init 2021-11-25 12:09:02 +01:00
kallsyms.c
kcmp.c
kcov.c
kexec.c
kexec_core.c
kexec_elf.c
kexec_file.c kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] 2022-08-26 11:11:25 +02:00
kexec_internal.h
kheaders.c
kmod.c
kprobes.c kprobes: Forbid probing on trampoline and BPF code areas 2022-10-17 15:01:20 +02:00
ksysfs.c
kthread.c
latencytop.c
module-internal.h
module.c module/ftrace: handle patchable-function-entry 2022-04-14 11:32:17 +02:00
module_signature.c
module_signing.c
notifier.c
nsproxy.c
padata.c
panic.c
params.c
pid.c
pid_namespace.c
profile.c profiling: fix shift too large makes kernel panic 2022-10-17 15:01:11 +02:00
ptrace.c ptrace: Reimplement PTRACE_KILL by always sending SIGKILL 2022-08-26 11:07:09 +02:00
range.c
reboot.c Revert "PM: ACPI: reboot: Use S5 for reboot" 2022-04-14 11:32:31 +02:00
relay.c
resource.c
rseq.c
seccomp.c seccomp: Invalidate seccomp mode to catch death failures 2022-04-14 11:32:10 +02:00
signal.c signal handling: don't use BUG_ON() for debugging 2022-09-16 10:59:30 +02:00
smp.c smp: Fix offline cpu check in flush_smp_call_function_queue() 2022-06-22 14:50:41 +02:00
smpboot.c
smpboot.h
softirq.c
stackleak.c
stacktrace.c
stop_machine.c
sys.c prctl: allow to setup brk for et_dyn executables 2021-10-27 17:04:21 -06:00
sys_ni.c
sysctl-test.c
sysctl.c mm: sysctl: fix missing numa_stat when !CONFIG_HUGETLB_PAGE 2022-09-16 10:59:23 +02:00
sysctl_binary.c
task_work.c
taskstats.c
test_kprobes.c
torture.c
tracepoint.c
tsacct.c taskstats: Cleanup the use of task->exit_code 2022-04-14 11:32:19 +02:00
ucount.c
uid16.c
uid16.h
umh.c
up.c
user-return-notifier.c
user.c
user_namespace.c
utsname.c
utsname_sysctl.c
watchdog.c watchdog: export lockup_detector_reconfigure 2022-10-17 15:02:02 +02:00
watchdog_hld.c
workqueue.c workqueue: Fix unbind_workers() VS wq_worker_running() race 2022-03-07 16:35:02 +01:00
workqueue_internal.h