| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20240403004718.11902-1-W_Armin@gmx.de>
Date: Wed, 3 Apr 2024 02:47:18 +0200
From: Armin Wolf <W_Armin@....de>
To: robert.moore@...el.com,
rafael.j.wysocki@...el.com,
lenb@...nel.org
Cc: dmantipov@...dex.ru,
linux-acpi@...r.kernel.org,
acpica-devel@...ts.linux.dev,
linux-kernel@...r.kernel.org
Subject: [PATCH] ACPICA: Fix memory leak then namespace lookup fails
When acpi_ps_get_next_namepath() fails due to a namespace lookup
failure, the acpi_parse_object is not freed before returning the
error code, causing a memory leak.
Fix this by freeing the acpi_parse_object when encountering an
error.
Tested-by: Dmitry Antipov <dmantipov@...dex.ru>
Signed-off-by: Armin Wolf <W_Armin@....de>
---
drivers/acpi/acpica/psargs.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/drivers/acpi/acpica/psargs.c b/drivers/acpi/acpica/psargs.c
index 422c074ed289..7debfd5ce0d8 100644
--- a/drivers/acpi/acpica/psargs.c
+++ b/drivers/acpi/acpica/psargs.c
@@ -820,6 +820,10 @@ acpi_ps_get_next_arg(struct acpi_walk_state *walk_state,
acpi_ps_get_next_namepath(walk_state, parser_state,
arg,
ACPI_NOT_METHOD_CALL);
+ if (ACPI_FAILURE(status)) {
+ acpi_ps_free_op(arg);
+ return_ACPI_STATUS(status);
+ }
} else {
/* Single complex argument, nothing returned */
@@ -854,6 +858,10 @@ acpi_ps_get_next_arg(struct acpi_walk_state *walk_state,
acpi_ps_get_next_namepath(walk_state, parser_state,
arg,
ACPI_POSSIBLE_METHOD_CALL);
+ if (ACPI_FAILURE(status)) {
+ acpi_ps_free_op(arg);
+ return_ACPI_STATUS(status);
+ }
if (arg->common.aml_opcode == AML_INT_METHODCALL_OP) {
--
2.39.2
Powered by blists - more mailing lists