lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Oct 2017 09:59:09 +0800 From: Lixin Wang <alan.1.wang@...ia-sbell.com> To: Rob Herring <robh+dt@...nel.org>, Frank Rowand <frowand.list@...il.com> CC: <linux-kernel@...r.kernel.org>, <devicetree@...r.kernel.org>, Lixin Wang <alan.1.wang@...ia-sbell.com> Subject: [PATCH v4] of: dynamic: fix memory leak related to properties of __of_node_dup If a node with no properties is dynamically added, then a property is dynamically added to the node, then the property is dynamically removed, the result will be node->properties == NULL and node->deadprops != NULL. Add a separate function to release the properties in both lists. Signed-off-by: Lixin Wang <alan.1.wang@...ia-sbell.com> Reviewed-by: Frank Rowand <frank.rowand@...y.com> --- Thanks the idea from Rob Herring, that I forgot to mention at patch v3. Thanks Frank Rowand for writing to me the example. v3 -> v4: * Using the style that is more consistent with device tree code, as suggested by Frank Rowand drivers/of/dynamic.c | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/drivers/of/dynamic.c b/drivers/of/dynamic.c index 301b6db..f33b7c2 100644 --- a/drivers/of/dynamic.c +++ b/drivers/of/dynamic.c @@ -315,6 +315,17 @@ int of_detach_node(struct device_node *np) } EXPORT_SYMBOL_GPL(of_detach_node); +static void property_list_free(struct property *prop_list) +{ + struct property *prop; + + for (prop = prop_list; prop != NULL; prop = prop->next) { + kfree(prop->name); + kfree(prop->value); + kfree(prop); + } +} + /** * of_node_release() - release a dynamically allocated node * @kref: kref element of the node to be released @@ -324,7 +335,6 @@ EXPORT_SYMBOL_GPL(of_detach_node); void of_node_release(struct kobject *kobj) { struct device_node *node = kobj_to_device_node(kobj); - struct property *prop = node->properties; /* We should never be releasing nodes that haven't been detached. */ if (!of_node_check_flag(node, OF_DETACHED)) { @@ -335,18 +345,9 @@ void of_node_release(struct kobject *kobj) if (!of_node_check_flag(node, OF_DYNAMIC)) return; - while (prop) { - struct property *next = prop->next; - kfree(prop->name); - kfree(prop->value); - kfree(prop); - prop = next; + property_list_free(node->properties); + property_list_free(node->deadprops); - if (!prop) { - prop = node->deadprops; - node->deadprops = NULL; - } - } kfree(node->full_name); kfree(node->data); kfree(node); -- 2.6.2
Powered by blists - more mailing lists