From d2e10088ce01191748857296999b8c24a9a51959 Mon Sep 17 00:00:00 2001 From: Sudip Mukherjee Date: Tue, 5 Apr 2016 22:41:06 +0530 Subject: [PATCH] lkdtm: fix memory leak of base This case is supposed to read from a memory after it has been freed, but we missed freeing base if the memory 'val' could not be allocated. Signed-off-by: Sudip Mukherjee Signed-off-by: Kees Cook --- drivers/misc/lkdtm.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/drivers/misc/lkdtm.c b/drivers/misc/lkdtm.c index 2f0b02248761..5b3a63c87ec9 100644 --- a/drivers/misc/lkdtm.c +++ b/drivers/misc/lkdtm.c @@ -458,8 +458,10 @@ static void lkdtm_do_action(enum ctype which) break; val = kmalloc(len, GFP_KERNEL); - if (!val) + if (!val) { + kfree(base); break; + } *val = 0x12345678; base[offset] = *val; -- 2.20.1