ACPI / sysfs: fix acpi_get_table() leak / acpi-sysfs denial of service

author Dan Williams <dan.j.williams@intel.com>

Tue, 25 Apr 2017 19:58:31 +0000 (12:58 -0700)

committer Rafael J. Wysocki <rafael.j.wysocki@intel.com>

Wed, 26 Apr 2017 22:27:49 +0000 (00:27 +0200)
author Dan Williams <dan.j.williams@intel.com>
Tue, 25 Apr 2017 19:58:31 +0000 (12:58 -0700)
committer Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Wed, 26 Apr 2017 22:27:49 +0000 (00:27 +0200)
diff --git a/drivers/acpi/sysfs.c b/drivers/acpi/sysfs.c

index cf05ae9..5180fef 100644 (file)
--- a/drivers/acpi/sysfs.c
+++ b/drivers/acpi/sysfs.c
@@ -333,14 +333,17 @@ static ssize_t acpi_table_show(struct file *filp, struct kobject *kobj,
             container_of(bin_attr, struct acpi_table_attr, attr);
         struct acpi_table_header *table_header = NULL;
         acpi_status status;
+       ssize_t rc;
  
         status = acpi_get_table(table_attr->name, table_attr->instance,
                                 &table_header);
         if (ACPI_FAILURE(status))
                 return -ENODEV;
  
-       return memory_read_from_buffer(buf, count, &offset,
-                                      table_header, table_header->length);
+       rc = memory_read_from_buffer(buf, count, &offset, table_header,
+                       table_header->length);
+       acpi_put_table(table_header);
+       return rc;
  }
  
  static int acpi_table_attr_init(struct kobject *tables_obj,
author	Dan Williams <dan.j.williams@intel.com>
	Tue, 25 Apr 2017 19:58:31 +0000 (12:58 -0700)
committer	Rafael J. Wysocki <rafael.j.wysocki@intel.com>
	Wed, 26 Apr 2017 22:27:49 +0000 (00:27 +0200)