[PATCH] proper error cleanup on security_acct hook

From: Chris Wright (chrisw@private)
Date: Mon Mar 08 2004 - 12:14:16 PST

  • Next message: mbatealann@private: "REPLY SOON"

    * Stephen Smalley (sds@private) wrote:
    > Hi,
    > 
    > A colleague noticed that in 2.6, sys_acct does not properly clean up the
    > open file when the security_acct hook returns an error, and proposed the
    > patch below.  Look ok?
    
    Yes, thanks.
    -chris
    
    Index: linux-2.6/kernel/acct.c
    ===================================================================
    RCS file: /nfshome/pal/CVS/linux-2.6/kernel/acct.c,v
    retrieving revision 1.1.1.8
    diff -u -r1.1.1.8 acct.c
    --- linux-2.6/kernel/acct.c	20 Oct 2003 13:27:30 -0000	1.1.1.8
    +++ linux-2.6/kernel/acct.c	8 Mar 2004 19:22:26 -0000
    @@ -235,8 +235,11 @@
     	}
     
     	error = security_acct(file);
    -	if (error)
    +	if (error) {
    +		if (file)
    +			filp_close(file, NULL);
     		return error;
    +	}
     
     	spin_lock(&acct_globals.lock);
     	acct_file_reopen(file);
    



    This archive was generated by hypermail 2b30 : Mon Mar 08 2004 - 12:15:34 PST