[PATCH] proper error cleanup on security_acct hook

From: Chris Wright (chrisw@private)
Date: Mon Mar 08 2004 - 12:14:16 PST

Next message: mbatealann@private: "REPLY SOON"

Previous message: Stephen Smalley: "security_acct hook"
In reply to: Stephen Smalley: "security_acct hook"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Stephen Smalley (sds@private) wrote:
> Hi,
> 
> A colleague noticed that in 2.6, sys_acct does not properly clean up the
> open file when the security_acct hook returns an error, and proposed the
> patch below.  Look ok?

Yes, thanks.
-chris

Index: linux-2.6/kernel/acct.c
===================================================================
RCS file: /nfshome/pal/CVS/linux-2.6/kernel/acct.c,v
retrieving revision 1.1.1.8
diff -u -r1.1.1.8 acct.c
--- linux-2.6/kernel/acct.c	20 Oct 2003 13:27:30 -0000	1.1.1.8
+++ linux-2.6/kernel/acct.c	8 Mar 2004 19:22:26 -0000
@@ -235,8 +235,11 @@
 	}
 
 	error = security_acct(file);
-	if (error)
+	if (error) {
+		if (file)
+			filp_close(file, NULL);
 		return error;
+	}
 
 	spin_lock(&acct_globals.lock);
 	acct_file_reopen(file);

Next message: mbatealann@private: "REPLY SOON"
Previous message: Stephen Smalley: "security_acct hook"
In reply to: Stephen Smalley: "security_acct hook"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Mar 08 2004 - 12:15:34 PST