lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CA+V-a8u6068HOEkrZizB6+bzbDdZyS=UQ0bA6OBch3_17j_GQQ@mail.gmail.com>
Date:   Tue, 4 Jun 2019 09:47:44 +0100
From:   "Lad, Prabhakar" <prabhakar.csengg@...il.com>
To:     Yang Xiao <92siuyang@...il.com>
Cc:     Mauro Carvalho Chehab <mchehab@...nel.org>,
        linux-media <linux-media@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Hans Verkuil <hverkuil@...all.nl>
Subject: Re: [PATCH] media: davinci: vpif_capture: fix memory leak in vpif_probe()

Cheers,
--Prabhakar Lad

On Tue, Jun 4, 2019 at 9:34 AM Yang Xiao <92siuyang@...il.com> wrote:
>
> On Tue, Jun 4, 2019 at 4:15 PM Lad, Prabhakar
> <prabhakar.csengg@...il.com> wrote:
> >
> > Hi Young,
> >
> > Thanks for the patch.
> >
> > On Tue, Jun 4, 2019 at 8:49 AM Young Xiao <92siuyang@...il.com> wrote:
> > >
> > > If vpif_probe() fails on v4l2_device_register() and vpif_probe_complete(),
> > > then memory allocated at initialize_vpif() for global vpif_obj.dev[i]
> > > become unreleased.
> > >
> > > The patch adds deallocation of vpif_obj.dev[i] on the error path.
> > >
> > > Signed-off-by: Young Xiao <92siuyang@...il.com>
> > > ---
> > >  drivers/media/platform/davinci/vpif_capture.c | 19 ++++++++++++++++---
> > >  1 file changed, 16 insertions(+), 3 deletions(-)
> > >
> > > diff --git a/drivers/media/platform/davinci/vpif_capture.c b/drivers/media/platform/davinci/vpif_capture.c
> > > index b5aacb0..277d500 100644
> > > --- a/drivers/media/platform/davinci/vpif_capture.c
> > > +++ b/drivers/media/platform/davinci/vpif_capture.c
> > > @@ -1385,6 +1385,14 @@ static int initialize_vpif(void)
> > >         return err;
> > >  }
> > >
> > > +static void free_vpif_objs(void)
> > > +{
> > function could be made inline.
> >
> > > +       int i;
> > > +
> > > +       for (i = 0; i < VPIF_DISPLAY_MAX_DEVICES; i++)
> >
> > VPIF_DISPLAY_MAX_DEVICES ? this should be  VPIF_CAPTURE_MAX_DEVICES
> >
> > > +               kfree(vpif_obj.dev[i]);
> > > +}
> > > +
> > >  static int vpif_async_bound(struct v4l2_async_notifier *notifier,
> > >                             struct v4l2_subdev *subdev,
> > >                             struct v4l2_async_subdev *asd)
> > > @@ -1654,7 +1662,7 @@ static __init int vpif_probe(struct platform_device *pdev)
> > >         err = v4l2_device_register(vpif_dev, &vpif_obj.v4l2_dev);
> > >         if (err) {
> > >                 v4l2_err(vpif_dev->driver, "Error registering v4l2 device\n");
> > > -               goto cleanup;
> > > +               goto vpif_free;
> > >         }
> > >
> > >         while ((res = platform_get_resource(pdev, IORESOURCE_IRQ, res_idx))) {
> > > @@ -1701,7 +1709,10 @@ static __init int vpif_probe(struct platform_device *pdev)
> > >                                   "registered sub device %s\n",
> > >                                    subdevdata->name);
> > >                 }
> > > -               vpif_probe_complete();
> > > +               err = vpif_probe_complete();
> > > +               if (err) {
> > > +                       goto probe_subdev_out;
> > > +               }
> >
> > No need for { and } as per kernel coding style.
>
> Sorry, I can not get your point here.
> There is no need to check the return value of vpif_probe_complete(), isn't it?
> So, we just fix the memory leak in the error path of v4l2_device_register()?
>
Not sure if you got my statement here, it means do not add {} braces
around the if statement,
so for example the code should look like something below (refer the
link [1] for more reading)

 err = vpif_probe_complete();
 if (err)
    goto probe_subdev_out;


[1] https://www.kernel.org/doc/html/v4.10/process/coding-style.html#placing-braces-and-spaces

Cheers,
--Prabhakar Lad

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ