| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200511162927.2843-1-srinivas.kandagatla@linaro.org>
Date: Mon, 11 May 2020 17:29:27 +0100
From: Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
To: gregkh@...uxfoundation.org
Cc: linux-arm-msm@...r.kernel.org, linux-kernel@...r.kernel.org,
arnd@...db.de,
Srinivas Kandagatla <srinivas.kandagatla@...aro.org>,
Dan Carpenter <dan.carpenter@...cle.com>
Subject: [PATCH] misc: fastrpc: fix potential fastrpc_invoke_ctx leak
fastrpc_invoke_ctx can have refcount of 2 in error path where
rpmsg_send() fails to send invoke message. decrement the refcount
properly in the error path to fix this leak.
This also fixes below static checker warning:
drivers/misc/fastrpc.c:990 fastrpc_internal_invoke()
warn: 'ctx->refcount.refcount.ref.counter' not decremented on lines: 990.
Fixes: c68cfb718c8f ("misc: fastrpc: Add support for context")
Reported-by: Dan Carpenter <dan.carpenter@...cle.com>
Signed-off-by: Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
---
drivers/misc/fastrpc.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/misc/fastrpc.c b/drivers/misc/fastrpc.c
index 9065d3e71ff7..07065728e39f 100644
--- a/drivers/misc/fastrpc.c
+++ b/drivers/misc/fastrpc.c
@@ -949,8 +949,10 @@ static int fastrpc_internal_invoke(struct fastrpc_user *fl, u32 kernel,
dma_wmb();
/* Send invoke buffer to remote dsp */
err = fastrpc_invoke_send(fl->sctx, ctx, kernel, handle);
- if (err)
+ if (err) {
+ fastrpc_context_put(ctx);
goto bail;
+ }
if (kernel) {
if (!wait_for_completion_timeout(&ctx->work, 10 * HZ))
--
2.21.0
Powered by blists - more mailing lists