From d9c1e9a8fff512bb6c43461181d4360f1c8cfd6d Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Sun, 18 Mar 2007 12:45:44 -0600 Subject: [PATCH] [PATCH] tty: Fix two reported pid leaks These leaks were reported by: Catalin Marinas and I have been able to very by inspection they are possible. When converting tty_io.c to store pids as struct pid pointers instead of pid_t values it appears I overlooked two places where we stop using the pid value. The very obvious one is in do_tty_hangup, and the one the less obvious one in __proc_set_tty. When looking into the code __proc_set_tty only has pids that need to be put because of failures of other parts of the code to properly perform hangup processing. Fixing the leak here in __proc_set_tty is easy and obviously correct so I am doing that first. Fixing the places that should be performing hangup processing is much less obviously correct. So those I'm aiming those patches at -mm. for now, so the can age a while before they are merged. Signed-off-by: Eric W. Biederman Signed-off-by: Linus Torvalds --- drivers/char/tty_io.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c index e45326856680..7a32df594907 100644 --- a/drivers/char/tty_io.c +++ b/drivers/char/tty_io.c @@ -1376,6 +1376,8 @@ static void do_tty_hangup(struct work_struct *work) read_unlock(&tasklist_lock); tty->flags = 0; + put_pid(tty->session); + put_pid(tty->pgrp); tty->session = NULL; tty->pgrp = NULL; tty->ctrl_status = 0; @@ -3841,6 +3843,9 @@ static struct pid *__proc_set_tty(struct task_struct *tsk, struct tty_struct *tt { struct pid *old_pgrp; if (tty) { + /* We should not have a session or pgrp to here but.... */ + put_pid(tty->session); + put_pid(tty->pgrp); tty->session = get_pid(task_session(tsk)); tty->pgrp = get_pid(task_pgrp(tsk)); }