linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH v2] tracing/probes: Fix memory leak in traceprobe_parse_probe_arg_body
@ 2024-04-27  2:57 lumingyindetect
  2024-04-27  6:36 ` Markus Elfring
  0 siblings, 1 reply; 2+ messages in thread
From: lumingyindetect @ 2024-04-27  2:57 UTC (permalink / raw)
  To: linux-trace-kernel, linux-kernel
  Cc: rostedt, mhiramat, mathieu.desnoyers, LuMingYin

From: LuMingYin <lumingyindetect@126.com>

If traceprobe_parse_probe_arg_body() fails to allocate 'parg->fmt', it
jumps to 'out' instead of 'fail' by mistake. In the result, in this
case the 'tmp' buffer is not freed and leaks its memory.

Fix it by jumping to 'fail' in that case.

Fixes: 032330abd08b ("tracing/probes: Cleanup probe argument parser")
Signed-off-by: LuMingYin <lumingyindetect@126.com>
---
 kernel/trace/trace_probe.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
index dfe3ee6035ec..42bc0f362226 100644
--- a/kernel/trace/trace_probe.c
+++ b/kernel/trace/trace_probe.c
@@ -1466,7 +1466,7 @@ static int traceprobe_parse_probe_arg_body(const char *argv, ssize_t *size,
 		parg->fmt = kmalloc(len, GFP_KERNEL);
 		if (!parg->fmt) {
 			ret = -ENOMEM;
-			goto out;
+			goto fail;
 		}
 		snprintf(parg->fmt, len, "%s[%d]", parg->type->fmttype,
 			 parg->count);
-- 
2.25.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH v2] tracing/probes: Fix memory leak in traceprobe_parse_probe_arg_body
  2024-04-27  2:57 [PATCH v2] tracing/probes: Fix memory leak in traceprobe_parse_probe_arg_body lumingyindetect
@ 2024-04-27  6:36 ` Markus Elfring
  0 siblings, 0 replies; 2+ messages in thread
From: Markus Elfring @ 2024-04-27  6:36 UTC (permalink / raw)
  To: LuMingYin, linux-trace-kernel, kernel-janitors, Masami Hiramatsu,
	Mathieu Desnoyers, Steven Rostedt
  Cc: LKML

I suggest to append parentheses to the function name in the summary phrase.


> If traceprobe_parse_probe_arg_body() fails to allocate 'parg->fmt', it
> jumps to 'out' instead of 'fail' by mistake. In the result, in this
> case the 'tmp' buffer is not freed and leaks its memory.
>
> Fix it by jumping to 'fail' in that case.

I propose to improve such a change description another bit like the following.

   If traceprobe_parse_probe_arg_body() failed to allocate the object “parg->fmt”,
   it jumps to the label “out” instead of “fail” by mistake.
   In the result, the buffer “tmp” is not freed in this case and leaks its memory.

   Thus jump to the label “fail” in that error case.


Regards,
Markus

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-04-27  6:36 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-04-27  2:57 [PATCH v2] tracing/probes: Fix memory leak in traceprobe_parse_probe_arg_body lumingyindetect
2024-04-27  6:36 ` Markus Elfring

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).