Patchwork [v2] sparc: kernel/sbus.c: fix memory leakage

login
register
mail settings
Submitter Cong Ding
Date Jan. 16, 2013, 10:01 p.m.
Message ID <20130116220153.GD18593@gmail.com>
Download mbox | patch
Permalink /patch/213081/
State Superseded
Delegated to: David Miller
Headers show

Comments

Cong Ding - Jan. 16, 2013, 10:01 p.m.
the variable iommu and strbuf are not freed if it goes to error.

Signed-off-by: Cong Ding <dinggnu@gmail.com>
---
 arch/sparc/kernel/sbus.c |    2 ++
 1 file changed, 2 insertions(+)
Richard Mortimer - Jan. 17, 2013, 10:41 a.m.
On 16/01/2013 22:01, Cong Ding wrote:
> the variable iommu and strbuf are not freed if it goes to error.
>
> Signed-off-by: Cong Ding <dinggnu@gmail.com>
> ---
>   arch/sparc/kernel/sbus.c |    2 ++
>   1 file changed, 2 insertions(+)
>
> diff --git a/arch/sparc/kernel/sbus.c b/arch/sparc/kernel/sbus.c
> index 1271b3a..78aa26b 100644
> --- a/arch/sparc/kernel/sbus.c
> +++ b/arch/sparc/kernel/sbus.c
> @@ -656,6 +656,8 @@ static void __init sbus_iommu_init(struct platform_device *op)
>   	return;
>
>   fatal_memory_error:
> +	kfree(strbuf);

strbuf will be uninitialized if the iommu allocation fails. I don't have 
a particular preference for how to fix this but tend to dislike initial 
assignment with NULL because it hides other control flow issues.

Regards

Richard

> +	kfree(iommu);
>   	prom_printf("sbus_iommu_init: Fatal memory allocation error.\n");
>   }
>
>
--
To unsubscribe from this list: send the line "unsubscribe sparclinux" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Cong Ding - Jan. 17, 2013, 11:56 a.m.
On Thu, Jan 17, 2013 at 10:41:59AM +0000, Richard Mortimer wrote:
> 
> 
> On 16/01/2013 22:01, Cong Ding wrote:
> >the variable iommu and strbuf are not freed if it goes to error.
> >
> >Signed-off-by: Cong Ding <dinggnu@gmail.com>
> >---
> >  arch/sparc/kernel/sbus.c |    2 ++
> >  1 file changed, 2 insertions(+)
> >
> >diff --git a/arch/sparc/kernel/sbus.c b/arch/sparc/kernel/sbus.c
> >index 1271b3a..78aa26b 100644
> >--- a/arch/sparc/kernel/sbus.c
> >+++ b/arch/sparc/kernel/sbus.c
> >@@ -656,6 +656,8 @@ static void __init sbus_iommu_init(struct platform_device *op)
> >  	return;
> >
> >  fatal_memory_error:
> >+	kfree(strbuf);
> 
> strbuf will be uninitialized if the iommu allocation fails. I don't
> have a particular preference for how to fix this but tend to dislike
> initial assignment with NULL because it hides other control flow
> issues.
Sorry I didn't notice strbuf will be uninitialized here. But if we don't
initially assign a NULL value to strbuf, I cannot find a way to handle it
besides the first version patch. Did you have any suggestions? For me, I like
the first version.
- cong
> 
> Regards
> 
> Richard
> 
> >+	kfree(iommu);
> >  	prom_printf("sbus_iommu_init: Fatal memory allocation error.\n");
> >  }
> >
> >
--
To unsubscribe from this list: send the line "unsubscribe sparclinux" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Richard Mortimer - Jan. 17, 2013, 12:30 p.m.
On 17/01/2013 11:56, Cong Ding wrote:
> On Thu, Jan 17, 2013 at 10:41:59AM +0000, Richard Mortimer wrote:
>>
>>
>> On 16/01/2013 22:01, Cong Ding wrote:
>>> the variable iommu and strbuf are not freed if it goes to error.
>>>
>>> Signed-off-by: Cong Ding <dinggnu@gmail.com>
>>> ---
>>>   arch/sparc/kernel/sbus.c |    2 ++
>>>   1 file changed, 2 insertions(+)
>>>
>>> diff --git a/arch/sparc/kernel/sbus.c b/arch/sparc/kernel/sbus.c
>>> index 1271b3a..78aa26b 100644
>>> --- a/arch/sparc/kernel/sbus.c
>>> +++ b/arch/sparc/kernel/sbus.c
>>> @@ -656,6 +656,8 @@ static void __init sbus_iommu_init(struct platform_device *op)
>>>   	return;
>>>
>>>   fatal_memory_error:
>>> +	kfree(strbuf);
>>
>> strbuf will be uninitialized if the iommu allocation fails. I don't
>> have a particular preference for how to fix this but tend to dislike
>> initial assignment with NULL because it hides other control flow
>> issues.
> Sorry I didn't notice strbuf will be uninitialized here. But if we don't
> initially assign a NULL value to strbuf, I cannot find a way to handle it
> besides the first version patch. Did you have any suggestions? For me, I like
> the first version.

Two thoughts...

1 - just use a goto target for the iommu allocation failure and make 
that skip the strbuf free call. The others use the existing 
fatal_memory_error label.

2 - Move the strbuf kzalloc up 2 lines so that it occurs before the test 
for iommu.

2b - In case (2) above the failure test could be changed to
if (!iommu || !strbuf)
to remove duplication of goto.

I'd probably go for 2/2b to address Sam's initial comment.

Regards

Richard


> - cong
>>
>> Regards
>>
>> Richard
>>
>>> +	kfree(iommu);
>>>   	prom_printf("sbus_iommu_init: Fatal memory allocation error.\n");
>>>   }
>>>
>>>
--
To unsubscribe from this list: send the line "unsubscribe sparclinux" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Cong Ding - Jan. 17, 2013, 1:16 p.m.
On Thu, Jan 17, 2013 at 12:30:11PM +0000, Richard Mortimer wrote:
> 
> 
> On 17/01/2013 11:56, Cong Ding wrote:
> >On Thu, Jan 17, 2013 at 10:41:59AM +0000, Richard Mortimer wrote:
> >>
> >>
> >>On 16/01/2013 22:01, Cong Ding wrote:
> >>>the variable iommu and strbuf are not freed if it goes to error.
> >>>
> >>>Signed-off-by: Cong Ding <dinggnu@gmail.com>
> >>>---
> >>>  arch/sparc/kernel/sbus.c |    2 ++
> >>>  1 file changed, 2 insertions(+)
> >>>
> >>>diff --git a/arch/sparc/kernel/sbus.c b/arch/sparc/kernel/sbus.c
> >>>index 1271b3a..78aa26b 100644
> >>>--- a/arch/sparc/kernel/sbus.c
> >>>+++ b/arch/sparc/kernel/sbus.c
> >>>@@ -656,6 +656,8 @@ static void __init sbus_iommu_init(struct platform_device *op)
> >>>  	return;
> >>>
> >>>  fatal_memory_error:
> >>>+	kfree(strbuf);
> >>
> >>strbuf will be uninitialized if the iommu allocation fails. I don't
> >>have a particular preference for how to fix this but tend to dislike
> >>initial assignment with NULL because it hides other control flow
> >>issues.
> >Sorry I didn't notice strbuf will be uninitialized here. But if we don't
> >initially assign a NULL value to strbuf, I cannot find a way to handle it
> >besides the first version patch. Did you have any suggestions? For me, I like
> >the first version.
> 
> Two thoughts...
> 
> 1 - just use a goto target for the iommu allocation failure and make
> that skip the strbuf free call. The others use the existing
> fatal_memory_error label.
this looks ugly. If we do in this way, why not version 1?
> 
> 2 - Move the strbuf kzalloc up 2 lines so that it occurs before the
> test for iommu.
> 
> 2b - In case (2) above the failure test could be changed to
> if (!iommu || !strbuf)
> to remove duplication of goto.
I will send a new version by using this solution.
Thanks, - cong

--
To unsubscribe from this list: send the line "unsubscribe sparclinux" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/arch/sparc/kernel/sbus.c b/arch/sparc/kernel/sbus.c
index 1271b3a..78aa26b 100644
--- a/arch/sparc/kernel/sbus.c
+++ b/arch/sparc/kernel/sbus.c
@@ -656,6 +656,8 @@  static void __init sbus_iommu_init(struct platform_device *op)
 	return;
 
 fatal_memory_error:
+	kfree(strbuf);
+	kfree(iommu);
 	prom_printf("sbus_iommu_init: Fatal memory allocation error.\n");
 }