From 7f83d23ecfce15cc83f51aa9d1c4f95c24448ab9 Mon Sep 17 00:00:00 2001 From: Konstantin Belousov Date: Fri, 24 Sep 2021 03:14:56 +0300 Subject: [PATCH] aio_aqueue(): avoid ucred leak on failure path Approved by: so Security: FreeBSD-SA-22:10.aio PR: 258698 Submitted by: sigsys@gmail.com (cherry picked from commit 45c2c7c484de7747014492b17ff89e323ee66496) (cherry picked from commit 76ed54dda74ffe8c7284cab10a4b30445a8db12f) --- sys/kern/vfs_aio.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sys/kern/vfs_aio.c b/sys/kern/vfs_aio.c index d68301d3d34..ba46a503141 100644 --- a/sys/kern/vfs_aio.c +++ b/sys/kern/vfs_aio.c @@ -1616,7 +1616,7 @@ aio_aqueue(struct thread *td, struct aiocb *ujob, struct aioliojob *lj, else error = fo_aio_queue(fp, job); if (error) - goto aqueue_fail; + goto err4; AIO_LOCK(ki); job->jobflags &= ~KAIOCB_QUEUEING; @@ -1637,6 +1637,8 @@ aio_aqueue(struct thread *td, struct aiocb *ujob, struct aioliojob *lj, AIO_UNLOCK(ki); return (0); +err4: + crfree(job->cred); aqueue_fail: knlist_delete(&job->klist, curthread, 0); if (fp) -- 2.45.0