From 292f3f99b73fb901ffdd3ad8ac682718e1e8960a Mon Sep 17 00:00:00 2001 From: Jamie Liu Date: Mon, 27 Apr 2020 07:37:45 -0700 Subject: Don't leak vfs.MountNamespace reference if kernel.TaskSet.NewTask fails. PiperOrigin-RevId: 308617610 --- pkg/sentry/kernel/task_start.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkg/sentry/kernel/task_start.go b/pkg/sentry/kernel/task_start.go index a5035bb7f..8485fb4b6 100644 --- a/pkg/sentry/kernel/task_start.go +++ b/pkg/sentry/kernel/task_start.go @@ -104,6 +104,9 @@ func (ts *TaskSet) NewTask(cfg *TaskConfig) (*Task, error) { cfg.TaskContext.release() cfg.FSContext.DecRef() cfg.FDTable.DecRef() + if cfg.MountNamespaceVFS2 != nil { + cfg.MountNamespaceVFS2.DecRef() + } return nil, err } return t, nil -- cgit v1.2.3