From f6525b96dd9f68efe374e5aef864975e628de991 Mon Sep 17 00:00:00 2001
From: Douglas Anderson <dianders@chromium.org>
Date: Tue, 30 May 2017 15:50:38 -0700
Subject: pstore: Fix leaked pstore_record in pstore_get_backend_records()

When the "if (record->size <= 0)" test is true in
pstore_get_backend_records() it's pretty clear that nobody holds a
reference to the allocated pstore_record, yet we don't free it.

Let's free it.

Fixes: 2a2b0acf768c ("pstore: Allocate records on heap instead of stack")
Signed-off-by: Douglas Anderson <dianders@chromium.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: stable@vger.kernel.org
---
 fs/pstore/platform.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'fs/pstore')

diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c
index b3045530dd4e..4c5cd9368460 100644
--- a/fs/pstore/platform.c
+++ b/fs/pstore/platform.c
@@ -849,8 +849,10 @@ void pstore_get_backend_records(struct pstore_info *psi,
 		record->size = psi->read(record);
 
 		/* No more records left in backend? */
-		if (record->size <= 0)
+		if (record->size <= 0) {
+			kfree(record);
 			break;
+		}
 
 		decompress_record(record);
 		rc = pstore_mkfile(root, record);
-- 
cgit v1.2.3