| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Jul 2022 22:10:41 +0300
From: Laurent Pinchart <laurent.pinchart@...asonboard.com>
To: José Expósito <jose.exposito89@...il.com>
Cc: mchehab@...nel.org, linux-media@...r.kernel.org,
linux-kernel@...r.kernel.org, ribalda@...omium.org
Subject: Re: [PATCH RESEND v2] media: uvcvideo: Fix memory leak in
uvc_gpio_parse
Hi José,
Thank you for the patch.
On Sat, Jan 08, 2022 at 06:04:39PM +0100, José Expósito wrote:
I can't believe I've managed to ignore this patch for so long :-( Sorry.
> Previously the unit buffer was allocated before checking the IRQ for
> privacy GPIO.
> In case of error, the unit buffer was leaked.
>
> Allocate the unit buffer after the IRQ to avoid it.
>
> Addresses-Coverity-ID: 1474639 ("Resource leak")
> Fixes: 2886477ff987 ("media: uvcvideo: Implement UVC_EXT_GPIO_UNIT")
> Signed-off-by: José Expósito <jose.exposito89@...il.com>
> Reviewed-by: Ricardo Ribalda <ribalda@...omium.org>
Reviewed-by: Laurent Pinchart <laurent.pinchart@...asonboard.com>
> ---
>
> v2: Add Fixes and Reviewed-by tags
> ---
> drivers/media/usb/uvc/uvc_driver.c | 8 ++++----
> 1 file changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/media/usb/uvc/uvc_driver.c b/drivers/media/usb/uvc/uvc_driver.c
> index 7c007426e082..9e83e2002710 100644
> --- a/drivers/media/usb/uvc/uvc_driver.c
> +++ b/drivers/media/usb/uvc/uvc_driver.c
> @@ -1533,10 +1533,6 @@ static int uvc_gpio_parse(struct uvc_device *dev)
> if (IS_ERR_OR_NULL(gpio_privacy))
> return PTR_ERR_OR_ZERO(gpio_privacy);
>
> - unit = uvc_alloc_entity(UVC_EXT_GPIO_UNIT, UVC_EXT_GPIO_UNIT_ID, 0, 1);
> - if (!unit)
> - return -ENOMEM;
> -
> irq = gpiod_to_irq(gpio_privacy);
> if (irq < 0) {
> if (irq != EPROBE_DEFER)
> @@ -1545,6 +1541,10 @@ static int uvc_gpio_parse(struct uvc_device *dev)
> return irq;
> }
>
> + unit = uvc_alloc_entity(UVC_EXT_GPIO_UNIT, UVC_EXT_GPIO_UNIT_ID, 0, 1);
> + if (!unit)
> + return -ENOMEM;
> +
> unit->gpio.gpio_privacy = gpio_privacy;
> unit->gpio.irq = irq;
> unit->gpio.bControlSize = 1;
--
Regards,
Laurent Pinchart
Powered by blists - more mailing lists