The patch titled
Subject: selftests/capabilities: fix possible file leak in copy_fromat_to
has been added to the -mm mm-nonmm-unstable branch. Its filename is
selftests-capabilities-fix-possible-file-leak-in-copy_fromat_to.patch
This patch will shortly appear at
https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patches/selftests-capabilities-fix-possible-file-leak-in-copy_fromat_to.patch
This patch will later appear in the mm-nonmm-unstable branch at
git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
Before you just go and hit "reply", please:
a) Consider who else should be cc'ed
b) Prefer to cc a suitable mailing list as well
c) Ideally: find the original patch on the mailing list and do a
reply-to-all to that, adding suitable additional cc's
*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
The -mm tree is included into linux-next via the mm-everything
branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
and is updated there every 2-3 working days
------------------------------------------------------
From: Ma Ke <make24@xxxxxxxxxxx>
Subject: selftests/capabilities: fix possible file leak in copy_fromat_to
Date: Sun, 30 Jun 2024 21:00:38 +0800
open() returns -1 on error. openat() and open() initialize 'from' and
'to', and only 'from' validated with 'if' statement. If the
initialization of variable 'to' fails, we should better check the value of
'to' and close 'from' to avoid possible file leak. Improve the checking
of 'from' additionally.
Link: https://lkml.kernel.org/r/20240630130038.3671507-1-make24@xxxxxxxxxxx
Fixes: 32ae976ed3b5 ("selftests/capabilities: Add tests for capability evolution")
Signed-off-by: Ma Ke <make24@xxxxxxxxxxx>
Cc: Amer Al Shanawany <amer.shanawany@xxxxxxxxx>
Cc: Andy Lutomirski <luto@xxxxxxxxxx>
Cc: Kees Cook <kees@xxxxxxxxxx>
Cc: Muhammad Usama Anjum <usama.anjum@xxxxxxxxxxxxx>
Cc: Shuah Khan <shuah@xxxxxxxxxx>
Cc: Swarup Laxman Kotiaklapudi <swarupkotikalapudi@xxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
tools/testing/selftests/capabilities/test_execve.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
--- a/tools/testing/selftests/capabilities/test_execve.c~selftests-capabilities-fix-possible-file-leak-in-copy_fromat_to
+++ a/tools/testing/selftests/capabilities/test_execve.c
@@ -145,10 +145,14 @@ static void chdir_to_tmpfs(void)
static void copy_fromat_to(int fromfd, const char *fromname, const char *toname)
{
int from = openat(fromfd, fromname, O_RDONLY);
- if (from == -1)
+ if (from < 0)
ksft_exit_fail_msg("open copy source - %s\n", strerror(errno));
int to = open(toname, O_CREAT | O_WRONLY | O_EXCL, 0700);
+ if (to < 0) {
+ close(from);
+ ksft_exit_fail_msg("open copy destination - %s\n", strerror(errno));
+ }
while (true) {
char buf[4096];
_
Patches currently in -mm which might be from make24@xxxxxxxxxxx are
selftests-capabilities-fix-possible-file-leak-in-copy_fromat_to.patch
