On Tue, Sep 19, 2017 at 04:46:08PM +0100, David Howells wrote: > Eric Biggers <ebigge...@gmail.com> wrote: > > > In request_key_auth_new(), if alloc_key() or key_instantiate_and_link() > > were to fail, we would leak a reference to the 'struct cred'. Currently > > this can only happen if alloc_key() fails to to allocate memory. But it > > still should be fixed, as it is a more severe bug waiting to happen. > > It might be better to combine request_key_auth_destroy() and the error path > that you're altering in request_key_auth_new() by pulling it into a separate > function. > > David
Agreed, I'll do that. Eric
