xfs: Plug memory leak in xfs_attrmulti_attr_set

When setting attributes via XFS_IOC_ATTRMULTI_BY_HANDLE, the user-space
buffer is copied into a new kernel-space buffer via memdup_user; that
buffer then isn't freed.

Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>

diff --git a/fs/xfs/xfs_ioctl.c b/fs/xfs/xfs_ioctl.c
index ea7d85af53101f25ed0d1b9598edae5c8af77bcc..e939c20cb4dee90f70731d5d668cbef98b8354c0 100644 (file)
--- a/fs/xfs/xfs_ioctl.c
+++ b/fs/xfs/xfs_ioctl.c
@@ -482,6 +482,7 @@ xfs_attrmulti_attr_set(
        __uint32_t              flags)
 {
        unsigned char           *kbuf;
+       int                     error;
 
        if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
                return -EPERM;
@@ -492,7 +493,9 @@ xfs_attrmulti_attr_set(
        if (IS_ERR(kbuf))
                return PTR_ERR(kbuf);
 
-       return xfs_attr_set(XFS_I(inode), name, kbuf, len, flags);
+       error = xfs_attr_set(XFS_I(inode), name, kbuf, len, flags);
+       kfree(kbuf);
+       return error;
 }
 
 int