Message-ID: <tencent_3C5078D216712F6F21FC8792FADED59A3D09@qq.com>
Date: Tue, 17 Jun 2025 17:55:31 +0800
From: jackysliu <1972843537@...com>
To: skashyap@...vell.com
Cc: jhasan@...vell.com,
	GR-QLogic-Storage-Upstream@...vell.com,
	James.Bottomley@...senPartnership.com,
	martin.petersen@...cle.com,
	linux-scsi@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	jackysliu <1972843537@...com>
Subject: [PATCH] scsi: qedf: Fix a possible memory leak in qedf_prepare_sb()

A memory leak vulnerability found in
linux/drivers/scsi/qedf/qedf_main.c , qedf_prepare_sb Function Due to
Missing Resource Cleanup in Error Path.

The qedf_prepare_sb function allocates resources in a loop for
multiple queues. If an allocation fails mid-loop (e.g., kcalloc for
fp->sb_info or qedf_alloc_and_init_sb fails), the error path (goto
err) returns without freeing resources allocated in previous
iterations

Signed-off-by: jackysliu <1972843537@...com>
---
 drivers/scsi/qedf/qedf_main.c | 12 +++++++++++-
 1 files changed, 11 insertions(+), 1 deletions(-)

diff --git a/drivers/scsi/qedf/qedf_main.c b/drivers/scsi/qedf/qedf_main.c
index 6b1ebab36fa3..8767d9de819f 100644
--- a/drivers/scsi/qedf/qedf_main.c
+++ b/drivers/scsi/qedf/qedf_main.c
@@ -2809,7 +2809,17 @@ static int qedf_prepare_sb(struct qedf_ctx *qedf)
 		    sizeof(struct fcoe_cqe);
 	}
 err:
-	return 0;
+for (int i = 0; i < id; i++) {
+	fp = &qedf->fp_array[i];
+if (fp->sb_info) {
+	qedf_free_sb(qedf, fp->sb_info);
+kfree(fp->sb_info);
+fp->sb_info = NULL;
+}
+}
+kfree(qedf->fp_array);
+qedf->fp_array = NULL;
+return -ENOMEM;
 }
 
 void qedf_process_cqe(struct qedf_ctx *qedf, struct fcoe_cqe *cqe)

Powered by blists - more mailing lists