[PATCH] fix fdset leakage
authorKirill Korotaev <dev@openvz.org>
Wed, 12 Jul 2006 16:03:05 +0000 (09:03 -0700)
committerLinus Torvalds <torvalds@g5.osdl.org>
Wed, 12 Jul 2006 19:52:54 +0000 (12:52 -0700)
When found, it is obvious.  nfds calculated when allocating fdsets is
rewritten by calculation of size of fdtable, and when we are unlucky, we
try to free fdsets of wrong size.

Found due to OpenVZ resource management (User Beancounters).

Signed-off-by: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Signed-off-by: Kirill Korotaev <dev@openvz.org>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
fs/file.c

index 3f356086061d7076a379b76e265295a5fe3750fe..c8f1b0af8e0004c8ca901e8e6babb5877fd5cc21 100644 (file)
--- a/fs/file.c
+++ b/fs/file.c
@@ -273,11 +273,13 @@ static struct fdtable *alloc_fdtable(int nr)
        } while (nfds <= nr);
        new_fds = alloc_fd_array(nfds);
        if (!new_fds)
-               goto out;
+               goto out2;
        fdt->fd = new_fds;
        fdt->max_fds = nfds;
        fdt->free_files = NULL;
        return fdt;
+out2:
+       nfds = fdt->max_fdset;
 out:
        if (new_openset)
                free_fdset(new_openset, nfds);