diff options
| author | Owain Ainsworth <oga@cvs.openbsd.org> | 2009-01-15 22:54:22 +0000 |
|---|---|---|
| committer | Owain Ainsworth <oga@cvs.openbsd.org> | 2009-01-15 22:54:22 +0000 |
| commit | 6a49168735ed28c4e9083b68429c27052daa0103 (patch) | |
| tree | 06fa3df6ef053431a58a82e6f258c6b2ca82aa1f /sys | |
| parent | 38782c7d0637af1b5942e113c6fec5f10e4e484c (diff) | |
Fix a memory leak in in the case where semget() is called with a
non-private key and flags of IPC_CREAT.
Before, if we found an existing semaphore, we jumped to the return and
forgot the free the preallocated semaphore. Instead, free it before we
jump.
Bug reported by Roland Bramm; thanks!
ok miod@.
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/kern/sysv_sem.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sys/kern/sysv_sem.c b/sys/kern/sysv_sem.c index fcad6a00033..16404a980cb 100644 --- a/sys/kern/sysv_sem.c +++ b/sys/kern/sysv_sem.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sysv_sem.c,v 1.36 2008/05/23 20:14:45 djm Exp $ */ +/* $OpenBSD: sysv_sem.c,v 1.37 2009/01/15 22:54:21 oga Exp $ */ /* $NetBSD: sysv_sem.c,v 1.26 1996/02/09 19:00:25 christos Exp $ */ /* @@ -430,6 +430,10 @@ sys_semget(struct proc *p, void *v, register_t *retval) error = EEXIST; goto error; } + if (semaptr_new != NULL) { + free(semaptr_new->sem_base, M_SEM); + pool_put(&sema_pool, semaptr_new); + } goto found; } } |