Commit d2e10088 authored Apr 05, 2016 by Sudip Mukherjee Committed by Kees Cook Apr 06, 2016

lkdtm: fix memory leak of base

This case is supposed to read from a memory after it has been freed,
but we missed freeing base if the memory 'val' could not be allocated.

Signed-off-by: Sudip Mukherjee <sudip.mukherjee@codethink.co.uk>
Signed-off-by: Kees Cook <keescook@chromium.org>

parent 50fbd977

drivers/misc/lkdtm.c

+3 −1

Original line number	Diff line number	Diff line
		@@ -458,8 +458,10 @@ static void lkdtm_do_action(enum ctype which)
		break;

		val = kmalloc(len, GFP_KERNEL);
		if (!val)
		if (!val) {
		kfree(base);
		break;
		}

		*val = 0x12345678;
		base[offset] = *val;