Commit 1d9e689c authored Jul 25, 2013 by Gianluca Anzolin Committed by Greg Kroah-Hartman Jul 26, 2013

tty_port: Fix refcounting leak in tty_port_tty_hangup()



The function tty_port_tty_hangup() could leak a reference to the tty_struct:

        struct tty_struct *tty = tty_port_tty_get(port);

        if (tty && (!check_clocal || !C_CLOCAL(tty))) {
                tty_hangup(tty);
                tty_kref_put(tty);
        }

If tty != NULL and the second condition is false we never call tty_kref_put and
the reference is leaked.

Fix by always calling tty_kref_put() which accepts a NULL argument.

The patch fixes a regression introduced by commit aa27a094.

Acked-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
Signed-off-by: Gianluca Anzolin <gianluca@sottospazio.it>
Acked-by: Jiri Slaby <jslaby@suse.cz>
Cc: stable <stable@vger.kernel.org> # 3.10
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

parent 079a036f

drivers/tty/tty_port.c

+2 −3

Original line number	Diff line number	Diff line
		@@ -256,11 +256,10 @@ void tty_port_tty_hangup(struct tty_port *port, bool check_clocal)
		{
		struct tty_struct *tty = tty_port_tty_get(port);

		if (tty && (!check_clocal \|\| !C_CLOCAL(tty))) {
		if (tty && (!check_clocal \|\| !C_CLOCAL(tty)))
		tty_hangup(tty);
		tty_kref_put(tty);
		}
		}
		EXPORT_SYMBOL_GPL(tty_port_tty_hangup);

		/**

Admin message