Patch "fs/ntfs3: Fix memory leak on ntfs_fill_super() error path" has been added to the 5.15-stable tree

Sasha Levin <sashal@xxxxxxxxxx> · Sun, 1 Jan 2023 22:33:21 -0500

This is a note to let you know that I've just added the patch titled

    fs/ntfs3: Fix memory leak on ntfs_fill_super() error path

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     fs-ntfs3-fix-memory-leak-on-ntfs_fill_super-error-pa.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 2c224b6435e8ff7a562e5a63843ee03f7add60a2
Author: Shigeru Yoshida <syoshida@xxxxxxxxxx>
Date:   Tue Aug 23 19:32:05 2022 +0900

    fs/ntfs3: Fix memory leak on ntfs_fill_super() error path
    
    [ Upstream commit 51e76a232f8c037f1d9e9922edc25b003d5f3414 ]
    
    syzbot reported kmemleak as below:
    
    BUG: memory leak
    unreferenced object 0xffff8880122f1540 (size 32):
      comm "a.out", pid 6664, jiffies 4294939771 (age 25.500s)
      hex dump (first 32 bytes):
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
        00 00 00 00 00 00 00 00 ed ff ed ff 00 00 00 00  ................
      backtrace:
        [<ffffffff81b16052>] ntfs_init_fs_context+0x22/0x1c0
        [<ffffffff8164aaa7>] alloc_fs_context+0x217/0x430
        [<ffffffff81626dd4>] path_mount+0x704/0x1080
        [<ffffffff81627e7c>] __x64_sys_mount+0x18c/0x1d0
        [<ffffffff84593e14>] do_syscall_64+0x34/0xb0
        [<ffffffff84600087>] entry_SYSCALL_64_after_hwframe+0x63/0xcd
    
    This patch fixes this issue by freeing mount options on error path of
    ntfs_fill_super().
    
    Reported-by: syzbot+9d67170b20e8f94351c8@xxxxxxxxxxxxxxxxxxxxxxxxx
    Signed-off-by: Shigeru Yoshida <syoshida@xxxxxxxxxx>
    Signed-off-by: Konstantin Komarov <almaz.alexandrovich@xxxxxxxxxxxxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/fs/ntfs3/super.c b/fs/ntfs3/super.c
index c321f621464b..4ff0d2c9507c 100644
--- a/fs/ntfs3/super.c
+++ b/fs/ntfs3/super.c
@@ -1276,6 +1276,7 @@ static int ntfs_fill_super(struct super_block *sb, struct fs_context *fc)
 	 * Free resources here.
 	 * ntfs_fs_free will be called with fc->s_fs_info = NULL
 	 */
+	put_mount_options(sbi->options);
 	put_ntfs(sbi);
 	sb->s_fs_info = NULL;
 






