mirror-linux

ntfs3: fix memory leak in indx_create_allocate()

When indx_create_allocate() fails after
attr_allocate_clusters() succeeds, run_deallocate()
frees the disk clusters but never frees the memory
allocated by run_add_entry() via kvmalloc() for the
runs_tree structure.

Fix this by adding run_close() at the out: label to
free the run.runs memory on all error paths. The
success path is unaffected as it returns 0 directly
without going through out:, transferring ownership
of the run memory to indx->alloc_run via memcpy().

Reported-by: syzbot+7adcddaeeb860e5d3f2f@syzkaller.appspotmail.com
Closes: https://syzkaller.appspot.com/bug?extid=7adcddaeeb860e5d3f2f
Signed-off-by: Deepanshu Kartikey <Kartikey406@gmail.com>
Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>

master

Deepanshu Kartikey

2026-03-23 10:51:48 +05:30

committed by

Konstantin Komarov

parent f9963deaa8

commit 87ac077d6e

No known key found for this signature in database

GPG Key ID: A9B0331F832407B6

1 changed files with 1 additions and 0 deletions

									
										1

fs/ntfs3/index.c

										View File
									
				@ -1482,6 +1482,7 @@ out1:

					run_deallocate(sbi, &run, false);

				out:

					run_close(&run);

					return err;

				}

ntfs3: fix memory leak in indx_create_allocate()

1 fs/ntfs3/index.c Unescape Escape View File

1

fs/ntfs3/index.c

View File