lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <tencent_72EDAD7F6E52D8FB5933030A569A08AEC406@qq.com>
Date: Mon, 21 Jul 2025 15:28:04 +0800
From: jackysliu <1972843537@...com>
To: maz@...nel.org
Cc: tglx@...utronix.de,
	herve.codina@...tlin.com,
	antonio.borneo@...s.st.com,
	anup@...infault.org,
	jirislaby@...nel.org,
	linux-arm-kernel@...ts.infradead.org,
	linux-kernel@...r.kernel.org,
	jackysliu <1972843537@...com>
Subject: [PATCH] irqchip/gic-v3: fix resource leak in partition_domain_translate()

There is a device node reference leak in partition_domain_translate().
After the function obtains the device node np via of_find_node_by_phandle,
it does not call of_node_put(np) to release the node reference
in both the error path and the normal return path.
This causes the node reference count to increase each time
the function is called, causing a resource leak.

This issue was detected by rule based static tools
developed by Tencent.

Fixes: 87228532e7e9 ("irqchip: Switch to of_fwnode_handle()")

Signed-off-by: jackysliu <1972843537@...com>
---
 drivers/irqchip/irq-gic-v3.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/irqchip/irq-gic-v3.c b/drivers/irqchip/irq-gic-v3.c
index efc791c43d44..61c1d404b726 100644
--- a/drivers/irqchip/irq-gic-v3.c
+++ b/drivers/irqchip/irq-gic-v3.c
@@ -1821,12 +1821,16 @@ static int partition_domain_translate(struct irq_domain *d,
 		return -EINVAL;
 
 	ret = gic_irq_domain_translate(d, fwspec, &ppi_intid, type);
-	if (WARN_ON_ONCE(ret))
+	if (WARN_ON_ONCE(ret)) {
+		of_node_put(np);
 		return 0;
+	}
 
 	ppi_idx = __gic_get_ppi_index(ppi_intid);
 	ret = partition_translate_id(gic_data.ppi_descs[ppi_idx],
 				     of_fwnode_handle(np));
+	of_node_put(np);
+
 	if (ret < 0)
 		return ret;
 
-- 
2.43.5

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ