Project

General

Profile

Actions

Bug #11954

closed

rpcmod: Possible memory leak in connmgr_get()

Added by Marcel Telka over 1 year ago. Updated over 1 year ago.

Status:
Closed
Priority:
Low
Assignee:
Category:
nfs - NFS server and client
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Bite-size
Tags:
Gerrit CR:

Description

There is the following code in the connmgr_get() function in rpcmod:

1936                if (srcaddr->len > 0)
1937                    kmem_free(srcaddr->buf,
1938                        srcaddr->maxlen);
1939                srcaddr->buf = kmem_zalloc(
1940                    lru_entry->x_src.len, KM_SLEEP);
1941                srcaddr->maxlen = srcaddr->len =
1942                    lru_entry->x_src.len;

The problem is that in a case srcaddr->len == 0, but srcaddr->maxlen > 0 (at line 1936) the code will leak the previously allocated srcaddr->buf. I believe the leak currently cannot happen, since the code always sets srcaddr->maxlen and srcaddr->len to same value, but it is still worth fixing to make sure any future modifications to this code that would introduce a case when srcaddr->len != srcaddr->maxlen won't suddenly start to leak.


Related issues

Related to illumos gate - Bug #11955: clnt_cots: kmem_free(NULL, 0) is legalClosedMarcel Telka

Actions
Actions #1

Updated by Marcel Telka over 1 year ago

  • Related to Bug #11955: clnt_cots: kmem_free(NULL, 0) is legal added
Actions #3

Updated by Marcel Telka over 1 year ago

  • Status changed from In Progress to Pending RTI
Actions #4

Updated by Electric Monk over 1 year ago

  • Status changed from Pending RTI to Closed
  • % Done changed from 0 to 100

git commit f67d64d998ff666158cc5231b7e80c11c3e922e0

commit  f67d64d998ff666158cc5231b7e80c11c3e922e0
Author: Marcel Telka <marcel@telka.sk>
Date:   2019-11-14T16:19:43.000Z

    11954 rpcmod: Possible memory leak in connmgr_get()
    11955 clnt_cots: kmem_free(NULL, 0) is legal
    Reviewed by: Vitaliy Gusev <gusev.vitaliy@icloud.com>
    Reviewed by: Andy Fiddaman <omnios@citrus-it.co.uk>
    Approved by: Dan McDonald <danmcd@joyent.com>

Actions

Also available in: Atom PDF