From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Masahiro Yamada <masahiroy@kernel.org>,
Sasha Levin <sashal@kernel.org>,
linux-kbuild@vger.kernel.org
Subject: [PATCH AUTOSEL 6.6 13/17] kconfig: fix memory leak from range properties
Date: Wed, 22 Nov 2023 10:31:42 -0500 [thread overview]
Message-ID: <20231122153212.852040-13-sashal@kernel.org> (raw)
In-Reply-To: <20231122153212.852040-1-sashal@kernel.org>
From: Masahiro Yamada <masahiroy@kernel.org>
[ Upstream commit ae1eff0349f2e908fc083630e8441ea6dc434dc0 ]
Currently, sym_validate_range() duplicates the range string using
xstrdup(), which is overwritten by a subsequent sym_calc_value() call.
It results in a memory leak.
Instead, only the pointer should be copied.
Below is a test case, with a summary from Valgrind.
[Test Kconfig]
config FOO
int "foo"
range 10 20
[Test .config]
CONFIG_FOO=0
[Before]
LEAK SUMMARY:
definitely lost: 3 bytes in 1 blocks
indirectly lost: 0 bytes in 0 blocks
possibly lost: 0 bytes in 0 blocks
still reachable: 17,465 bytes in 21 blocks
suppressed: 0 bytes in 0 blocks
[After]
LEAK SUMMARY:
definitely lost: 0 bytes in 0 blocks
indirectly lost: 0 bytes in 0 blocks
possibly lost: 0 bytes in 0 blocks
still reachable: 17,462 bytes in 20 blocks
suppressed: 0 bytes in 0 blocks
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
scripts/kconfig/symbol.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/scripts/kconfig/symbol.c b/scripts/kconfig/symbol.c
index 0572330bf8a78..a76925b46ce63 100644
--- a/scripts/kconfig/symbol.c
+++ b/scripts/kconfig/symbol.c
@@ -122,9 +122,9 @@ static long long sym_get_range_val(struct symbol *sym, int base)
static void sym_validate_range(struct symbol *sym)
{
struct property *prop;
+ struct symbol *range_sym;
int base;
long long val, val2;
- char str[64];
switch (sym->type) {
case S_INT:
@@ -140,17 +140,15 @@ static void sym_validate_range(struct symbol *sym)
if (!prop)
return;
val = strtoll(sym->curr.val, NULL, base);
- val2 = sym_get_range_val(prop->expr->left.sym, base);
+ range_sym = prop->expr->left.sym;
+ val2 = sym_get_range_val(range_sym, base);
if (val >= val2) {
- val2 = sym_get_range_val(prop->expr->right.sym, base);
+ range_sym = prop->expr->right.sym;
+ val2 = sym_get_range_val(range_sym, base);
if (val <= val2)
return;
}
- if (sym->type == S_INT)
- sprintf(str, "%lld", val2);
- else
- sprintf(str, "0x%llx", val2);
- sym->curr.val = xstrdup(str);
+ sym->curr.val = range_sym->curr.val;
}
static void sym_set_changed(struct symbol *sym)
--
2.42.0
next prev parent reply other threads:[~2023-11-22 15:33 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-22 15:31 [PATCH AUTOSEL 6.6 01/17] scsi: sd: Fix sshdr use in sd_suspend_common() Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 02/17] x86/acpi: Ignore invalid x2APIC entries Sasha Levin
2023-12-06 7:04 ` Andres Freund
2023-12-12 16:17 ` Thomas Gleixner
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 03/17] hrtimers: Push pending hrtimers away from outgoing CPU earlier Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 04/17] i2c: designware: Fix corrupted memory seen in the ISR Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 05/17] i2c: ocores: Move system PM hooks to the NOIRQ phase Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 06/17] netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 07/17] nouveau: use an rwlock for the event lock Sasha Levin
2023-11-22 15:31 ` Sasha Levin
2023-11-22 15:31 ` [Nouveau] " Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 08/17] zstd: Fix array-index-out-of-bounds UBSAN warning Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 09/17] tg3: Move the [rt]x_dropped counters to tg3_napi Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 10/17] tg3: Increment tx_dropped in tg3_tso_bug() Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 11/17] modpost: fix section mismatch message for RELA Sasha Levin
2023-11-22 15:31 ` Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 12/17] linux/export: clean up the IA-64 KSYM_FUNC macro Sasha Levin
2023-11-22 20:06 ` Lukas Bulwahn
2023-12-06 1:57 ` Sasha Levin
2023-11-22 15:31 ` Sasha Levin [this message]
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 14/17] drm/amdgpu: Do not program VF copy regs in mmhub v1.8 under SRIOV (v2) Sasha Levin
2023-11-22 15:31 ` Sasha Levin
2023-11-22 15:31 ` Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 15/17] drm/amdgpu: finalizing mem_partitions at the end of GMC v9 sw_fini Sasha Levin
2023-11-22 15:31 ` Sasha Levin
2023-11-22 15:31 ` Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 16/17] drm/amdgpu: correct chunk_ptr to a pointer to chunk Sasha Levin
2023-11-22 15:31 ` Sasha Levin
2023-11-22 15:31 ` Sasha Levin
2023-11-22 15:31 ` [PATCH AUTOSEL 6.6 17/17] dm-crypt: start allocating with MAX_ORDER Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231122153212.852040-13-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.