| Message ID | 20180522070718.12864-1-yuehaibing@huawei.com |
|---|---|
| State | Accepted, archived |
| Delegated to: | David Miller |
| Headers | show |
| Series | [net-next] cxgb4: Check for kvzalloc allocation failure | expand |
From: YueHaibing <yuehaibing@huawei.com> Date: Tue, 22 May 2018 15:07:18 +0800 > diff --git a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c > index 130d1ee..019cffe 100644 > --- a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c > +++ b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c > @@ -4135,6 +4135,10 @@ static int adap_init0(struct adapter *adap) > * card > */ > card_fw = kvzalloc(sizeof(*card_fw), GFP_KERNEL); > + if (!card_fw) { > + ret = -ENOMEM; > + goto bye; > + } > On error, this leaks fw_info.
On 2018/5/24 23:07, David Miller wrote: > From: YueHaibing <yuehaibing@huawei.com> > Date: Tue, 22 May 2018 15:07:18 +0800 > >> diff --git a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c >> index 130d1ee..019cffe 100644 >> --- a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c >> +++ b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c >> @@ -4135,6 +4135,10 @@ static int adap_init0(struct adapter *adap) >> * card >> */ >> card_fw = kvzalloc(sizeof(*card_fw), GFP_KERNEL); >> + if (!card_fw) { >> + ret = -ENOMEM; >> + goto bye; >> + } >> > > On error, this leaks fw_info. Hi David, I checked fw_info is an element of fw_info_array,there all members of struct fw_info no need free. It likes this : static struct fw_info fw_info_array[] = { { .chip = CHELSIO_T4, .fs_name = FW4_CFNAME, .fw_mod_name = FW4_FNAME, .fw_hdr = { .chip = FW_HDR_CHIP_T4, .fw_ver = __cpu_to_be32(FW_VERSION(T4)), .intfver_nic = FW_INTFVER(T4, NIC), .intfver_vnic = FW_INTFVER(T4, VNIC), .intfver_ri = FW_INTFVER(T4, RI), .intfver_iscsi = FW_INTFVER(T4, ISCSI), .intfver_fcoe = FW_INTFVER(T4, FCOE), }, }, { ........ Am I missing something? > > . >
From: YueHaibing <yuehaibing@huawei.com> Date: Fri, 25 May 2018 09:39:20 +0800 > On 2018/5/24 23:07, David Miller wrote: >> From: YueHaibing <yuehaibing@huawei.com> >> Date: Tue, 22 May 2018 15:07:18 +0800 >> >>> diff --git a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c >>> index 130d1ee..019cffe 100644 >>> --- a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c >>> +++ b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c >>> @@ -4135,6 +4135,10 @@ static int adap_init0(struct adapter *adap) >>> * card >>> */ >>> card_fw = kvzalloc(sizeof(*card_fw), GFP_KERNEL); >>> + if (!card_fw) { >>> + ret = -ENOMEM; >>> + goto bye; >>> + } >>> >> >> On error, this leaks fw_info. > > Hi David, > > I checked fw_info is an element of fw_info_array,there all members of struct fw_info no need free. Aha, I misread the code, sorry. Applied, thanks.
diff --git a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c index 130d1ee..019cffe 100644 --- a/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c +++ b/drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c @@ -4135,6 +4135,10 @@ static int adap_init0(struct adapter *adap) * card */ card_fw = kvzalloc(sizeof(*card_fw), GFP_KERNEL); + if (!card_fw) { + ret = -ENOMEM; + goto bye; + } /* Get FW from from /lib/firmware/ */ ret = request_firmware(&fw, fw_info->fw_mod_name,
t4_prep_fw doesn't check for card_fw pointer before store the read data, which could lead to a NULL pointer dereference if kvzalloc failed. Signed-off-by: YueHaibing <yuehaibing@huawei.com> --- drivers/net/ethernet/chelsio/cxgb4/cxgb4_main.c | 4 ++++ 1 file changed, 4 insertions(+)