[PATCH] erofs-utils: lib: fix QPL job leak on early error paths in z_erofs_decompress_qpl() After z_erofs_qpl_get_job() succeeds, two early-return error paths bypass z_erofs_qpl_put_job(), leaking the QPL job handle: - Line 200: return -EFSCORRUPTED (when inputmargin >= inputsize) - Line 205: return -ENOMEM (when malloc fails for decodedskip buffer) Fix by replacing the bare returns with goto out_inflate_end, which already handles both z_erofs_qpl_put_job() and free(buff).
Vi-shub
smsharma3121 at gmail.com
Fri Mar 20 09:11:36 AEDT 2026
Signed-off-by: Vi-shub <smsharma3121 at gmail.com>
---
lib/decompress.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/lib/decompress.c b/lib/decompress.c
index e7ec83e..eb696d3 100644
--- a/lib/decompress.c
+++ b/lib/decompress.c
@@ -196,13 +196,17 @@ static int z_erofs_decompress_qpl(struct z_erofs_decompress_req *rq)
return PTR_ERR(job);
inputmargin = z_erofs_fixup_insize(src, rq->inputsize);
- if (inputmargin >= rq->inputsize)
- return -EFSCORRUPTED;
+ if (inputmargin >= rq->inputsize) {
+ ret = -EFSCORRUPTED;
+ goto out_inflate_end;
+ }
if (rq->decodedskip) {
buff = malloc(rq->decodedlength);
- if (!buff)
- return -ENOMEM;
+ if (!buff) {
+ ret = -ENOMEM;
+ goto out_inflate_end;
+ }
dest = buff;
}
--
2.39.1.windows.1
More information about the Linux-erofs
mailing list