lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20230116151654.00005666@Huawei.com>
Date:   Mon, 16 Jan 2023 15:16:54 +0000
From:   Jonathan Cameron <Jonathan.Cameron@...wei.com>
To:     Yulong Zhang <yulong.zhang@...oak.net>
CC:     <jic23@...nel.org>, <lars@...afoo.de>, <linux-iio@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2] tools/iio/iio_utils:fix memory leak

On Mon, 16 Jan 2023 11:30:07 +0800
Yulong Zhang <yulong.zhang@...oak.net> wrote:

> 1. fopen sysfs without fclose.
> 2. asprintf filename without free.
> 3. if asprintf return error,do not need to free the buffer.
> 
> Signed-off-by: Yulong Zhang <yulong.zhang@...oak.net>
> ---
> Yes, you are right. Thanks you for the advice.
> I found another problem, when asprintf return error, still free the
> buffer.This is not correct,I've removed it.
> 
> > sysfsfp = fopen(filename, "r");
> > if (!sysfsfp) {
> >       ret = -errno;
> >       fprintf(stderr, "failed to open %s\n",
> >               filename);
> >       free(filename);
> >       goto error_cleanup_array;
> > }
> > free(filename);  
> Because in if statement still use filename,so I can't free filename
> before it.And I am not sure it can be removed,so I free filename after if
> statement.

Agreed.  My suggestion is drop that error print to simplify the code.
It isn't particularly important to know the full filename that we failed
to open so I think dropping it is a reasonable thing to do.

If you really care about the message then
fprintf(stderr, "failed to open %s/%s_index\n", scan_el_dir, current->name);
will work.


> 
>  tools/iio/iio_utils.c | 17 ++++-------------
>  1 file changed, 4 insertions(+), 13 deletions(-)
> 
> diff --git a/tools/iio/iio_utils.c b/tools/iio/iio_utils.c
> index 8d35893b2fa8..abec4331701c 100644
> --- a/tools/iio/iio_utils.c
> +++ b/tools/iio/iio_utils.c
> @@ -264,6 +264,7 @@ int iioutils_get_param_float(float *output, const char *param_name,
>  			if (fscanf(sysfsfp, "%f", output) != 1)
>  				ret = errno ? -errno : -ENODATA;
>  
> +			fclose(sysfsfp);
>  			break;
>  		}
>  error_free_filename:
> @@ -350,6 +351,7 @@ int build_channel_array(const char *device_dir, int buffer_idx,
>  				free(filename);
>  				goto error_close_dir;
>  			}
> +			free(filename);
>  
>  			errno = 0;
>  			if (fscanf(sysfsfp, "%i", &ret) != 1) {
> @@ -357,7 +359,6 @@ int build_channel_array(const char *device_dir, int buffer_idx,
>  				if (fclose(sysfsfp))
>  					perror("build_channel_array(): Failed to close file");
>  
> -				free(filename);
>  				goto error_close_dir;
>  			}
>  			if (ret == 1)
> @@ -365,11 +366,9 @@ int build_channel_array(const char *device_dir, int buffer_idx,
>  
>  			if (fclose(sysfsfp)) {
>  				ret = -errno;
> -				free(filename);
>  				goto error_close_dir;
>  			}
>  
> -			free(filename);
>  		}
>  
>  	*ci_array = malloc(sizeof(**ci_array) * (*counter));
> @@ -395,9 +394,9 @@ int build_channel_array(const char *device_dir, int buffer_idx,
>  			}
>  
>  			sysfsfp = fopen(filename, "r");
> +			free(filename);
>  			if (!sysfsfp) {
>  				ret = -errno;
> -				free(filename);
>  				count--;
>  				goto error_cleanup_array;
>  			}
> @@ -405,20 +404,17 @@ int build_channel_array(const char *device_dir, int buffer_idx,
>  			errno = 0;
>  			if (fscanf(sysfsfp, "%i", &current_enabled) != 1) {
>  				ret = errno ? -errno : -ENODATA;
> -				free(filename);
>  				count--;
>  				goto error_cleanup_array;
>  			}
>  
>  			if (fclose(sysfsfp)) {
>  				ret = -errno;
> -				free(filename);
>  				count--;
>  				goto error_cleanup_array;
>  			}
>  
>  			if (!current_enabled) {
> -				free(filename);
>  				count--;
>  				continue;
>  			}
> @@ -429,7 +425,6 @@ int build_channel_array(const char *device_dir, int buffer_idx,
>  						strlen(ent->d_name) -
>  						strlen("_en"));
>  			if (!current->name) {
> -				free(filename);
>  				ret = -ENOMEM;
>  				count--;
>  				goto error_cleanup_array;
> @@ -439,7 +434,6 @@ int build_channel_array(const char *device_dir, int buffer_idx,
>  			ret = iioutils_break_up_name(current->name,
>  						     &current->generic_name);
>  			if (ret) {
> -				free(filename);
>  				free(current->name);
>  				count--;
>  				goto error_cleanup_array;
> @@ -450,7 +444,6 @@ int build_channel_array(const char *device_dir, int buffer_idx,
>  				       scan_el_dir,
>  				       current->name);
>  			if (ret < 0) {
> -				free(filename);
>  				ret = -ENOMEM;
>  				goto error_cleanup_array;
>  			}
> @@ -463,6 +456,7 @@ int build_channel_array(const char *device_dir, int buffer_idx,
>  				free(filename);
>  				goto error_cleanup_array;
>  			}
> +			free(filename);
>  
>  			errno = 0;
>  			if (fscanf(sysfsfp, "%u", &current->index) != 1) {
> @@ -470,17 +464,14 @@ int build_channel_array(const char *device_dir, int buffer_idx,
>  				if (fclose(sysfsfp))
>  					perror("build_channel_array(): Failed to close file");
>  
> -				free(filename);
>  				goto error_cleanup_array;
>  			}
>  
>  			if (fclose(sysfsfp)) {
>  				ret = -errno;
> -				free(filename);
>  				goto error_cleanup_array;
>  			}
>  
> -			free(filename);
>  			/* Find the scale */
>  			ret = iioutils_get_param_float(&current->scale,
>  						       "scale",

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ