ntfs3: fix memory leak in indx_create_allocate()

When indx_create_allocate() fails after attr_allocate_clusters() succeeds, run_deallocate() frees the disk clusters but never frees the memory allocated by run_add_entry() via kvmalloc() for the runs_tree structure. Fix this by adding run_close() at the out: label to free the run.runs memory on all error paths. The success path is unaffected as it returns 0 directly without going through out:, transferring ownership of the run memory to indx->alloc_run via memcpy(). Reported-by: syzbot+7adcddaeeb860e5d3f2f@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=7adcddaeeb860e5d3f2f Signed-off-by: Deepanshu Kartikey <Kartikey406@gmail.com> Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>
author: Deepanshu Kartikey <kartikey406@gmail.com> 2026-03-23 08:21:48 +0300
committer: Konstantin Komarov <almaz.alexandrovich@paragon-software.com> 2026-04-02 21:23:23 +0300
commit: 87ac077d6ea8613b7c1debdf3b5e92c78618fd23 (patch)
tree: 274692c0505da3ea21a769795a9e0868ca522edb
parent: f9963deaa891479da24e32fc614c08f158fe1608 (diff)
download: linux-87ac077d6ea8613b7c1debdf3b5e92c78618fd23.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/ntfs3/index.c b/fs/ntfs3/index.c
index 8b107b6714ce..5344b29b0577 100644
--- a/fs/ntfs3/index.c
+++ b/fs/ntfs3/index.c
@@ -1482,6 +1482,7 @@ out1:
 	run_deallocate(sbi, &run, false);
 
 out:
+	run_close(&run);
 	return err;
 }
author	Deepanshu Kartikey <kartikey406@gmail.com>	2026-03-23 08:21:48 +0300
committer	Konstantin Komarov <almaz.alexandrovich@paragon-software.com>	2026-04-02 21:23:23 +0300
commit	87ac077d6ea8613b7c1debdf3b5e92c78618fd23 (patch)
tree	274692c0505da3ea21a769795a9e0868ca522edb
parent	f9963deaa891479da24e32fc614c08f158fe1608 (diff)
download	linux-87ac077d6ea8613b7c1debdf3b5e92c78618fd23.tar.xz