Commit d579091b authored by Kirill Korotaev's avatar Kirill Korotaev Committed by Linus Torvalds

[PATCH] fix fdset leakage

When found, it is obvious.  nfds calculated when allocating fdsets is
rewritten by calculation of size of fdtable, and when we are unlucky, we
try to free fdsets of wrong size.

Found due to OpenVZ resource management (User Beancounters).
Signed-off-by: default avatarAlexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Signed-off-by: default avatarKirill Korotaev <dev@openvz.org>
Cc: <stable@kernel.org>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent abf75a50
...@@ -273,11 +273,13 @@ static struct fdtable *alloc_fdtable(int nr) ...@@ -273,11 +273,13 @@ static struct fdtable *alloc_fdtable(int nr)
} while (nfds <= nr); } while (nfds <= nr);
new_fds = alloc_fd_array(nfds); new_fds = alloc_fd_array(nfds);
if (!new_fds) if (!new_fds)
goto out; goto out2;
fdt->fd = new_fds; fdt->fd = new_fds;
fdt->max_fds = nfds; fdt->max_fds = nfds;
fdt->free_files = NULL; fdt->free_files = NULL;
return fdt; return fdt;
out2:
nfds = fdt->max_fdset;
out: out:
if (new_openset) if (new_openset)
free_fdset(new_openset, nfds); free_fdset(new_openset, nfds);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment