* [PATCH] iio/adjd_s311: Fix potential memory leak in adjd_s311_update_scan_mode()
@ 2012-08-08 6:36 Alexey Khoroshilov
2012-08-08 7:17 ` Peter Meerwald
0 siblings, 1 reply; 6+ messages in thread
From: Alexey Khoroshilov @ 2012-08-08 6:36 UTC (permalink / raw)
To: Peter Meerwald
Cc: Alexey Khoroshilov, Jonathan Cameron, linux-iio, linux-kernel,
ldv-project
Do not leak memory by updating pointer with potentially
NULL realloc return value.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
---
drivers/iio/light/adjd_s311.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/drivers/iio/light/adjd_s311.c b/drivers/iio/light/adjd_s311.c
index 1cbb449..0adda5b 100644
--- a/drivers/iio/light/adjd_s311.c
+++ b/drivers/iio/light/adjd_s311.c
@@ -271,12 +271,18 @@ static int adjd_s311_update_scan_mode(struct iio_dev *indio_dev,
const unsigned long *scan_mask)
{
struct adjd_s311_data *data = iio_priv(indio_dev);
- data->buffer = krealloc(data->buffer, indio_dev->scan_bytes,
+ u16 *new_buffer;
+ int ret = 0;
+
+ new_buffer = krealloc(data->buffer, indio_dev->scan_bytes,
GFP_KERNEL);
- if (!data->buffer)
- return -ENOMEM;
+ if (new_buffer == NULL) {
+ kfree(data->buffer);
+ ret = -ENOMEM;
+ }
+ data->buffer = new_buffer;
- return 0;
+ return ret;
}
static const struct iio_info adjd_s311_info = {
--
1.7.9.5
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH] iio/adjd_s311: Fix potential memory leak in adjd_s311_update_scan_mode()
2012-08-08 6:36 [PATCH] iio/adjd_s311: Fix potential memory leak in adjd_s311_update_scan_mode() Alexey Khoroshilov
@ 2012-08-08 7:17 ` Peter Meerwald
2012-08-08 7:37 ` Lars-Peter Clausen
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Peter Meerwald @ 2012-08-08 7:17 UTC (permalink / raw)
To: Alexey Khoroshilov
Cc: Jonathan Cameron, linux-iio, linux-kernel, ldv-project,
Lars-Peter Clausen
> Do not leak memory by updating pointer with potentially
> NULL realloc return value.
I agree
use of krealloc() was suggested in driver review (see
http://www.spinics.net/lists/linux-iio/msg05930.html) to shorten the code;
unfortunately, I misunderstood the semantics of krealloc() in case
allocation fails
this is the original code:
kfree(data->buffer);
data->buffer = kmalloc(indio_dev->scan_bytes, GFP_KERNEL);
if (!data->buffer)
return -ENOMEM;
I suggest to switch back to that original code, there is no need preserve
the data in the buffer as krealloc does
thanks, p.
> Found by Linux Driver Verification project (linuxtesting.org).
>
> Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
> ---
> drivers/iio/light/adjd_s311.c | 14 ++++++++++----
> 1 file changed, 10 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/iio/light/adjd_s311.c b/drivers/iio/light/adjd_s311.c
> index 1cbb449..0adda5b 100644
> --- a/drivers/iio/light/adjd_s311.c
> +++ b/drivers/iio/light/adjd_s311.c
> @@ -271,12 +271,18 @@ static int adjd_s311_update_scan_mode(struct iio_dev *indio_dev,
> const unsigned long *scan_mask)
> {
> struct adjd_s311_data *data = iio_priv(indio_dev);
> - data->buffer = krealloc(data->buffer, indio_dev->scan_bytes,
> + u16 *new_buffer;
> + int ret = 0;
> +
> + new_buffer = krealloc(data->buffer, indio_dev->scan_bytes,
> GFP_KERNEL);
> - if (!data->buffer)
> - return -ENOMEM;
> + if (new_buffer == NULL) {
> + kfree(data->buffer);
> + ret = -ENOMEM;
> + }
> + data->buffer = new_buffer;
>
> - return 0;
> + return ret;
> }
>
> static const struct iio_info adjd_s311_info = {
>
--
Peter Meerwald
+43-664-2444418 (mobile)
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] iio/adjd_s311: Fix potential memory leak in adjd_s311_update_scan_mode()
2012-08-08 7:17 ` Peter Meerwald
@ 2012-08-08 7:37 ` Lars-Peter Clausen
2012-08-08 9:01 ` Alexey Khoroshilov
2012-08-08 9:58 ` [PATCH v2] " Alexey Khoroshilov
2 siblings, 0 replies; 6+ messages in thread
From: Lars-Peter Clausen @ 2012-08-08 7:37 UTC (permalink / raw)
To: Peter Meerwald
Cc: Alexey Khoroshilov, Jonathan Cameron, linux-iio, linux-kernel,
ldv-project
On 08/08/2012 09:17 AM, Peter Meerwald wrote:
>
>> Do not leak memory by updating pointer with potentially
>> NULL realloc return value.
>
> I agree
>
> use of krealloc() was suggested in driver review (see
> http://www.spinics.net/lists/linux-iio/msg05930.html) to shorten the code;
> unfortunately, I misunderstood the semantics of krealloc() in case
> allocation fails
My fault I guess, sorry for that.
>
> this is the original code:
>
> kfree(data->buffer);
> data->buffer = kmalloc(indio_dev->scan_bytes, GFP_KERNEL);
> if (!data->buffer)
> return -ENOMEM;
>
> I suggest to switch back to that original code, there is no need preserve
> the data in the buffer as krealloc does
Agreed.
>
> thanks, p.
>
>> Found by Linux Driver Verification project (linuxtesting.org).
>>
>> Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
>> ---
>> drivers/iio/light/adjd_s311.c | 14 ++++++++++----
>> 1 file changed, 10 insertions(+), 4 deletions(-)
>>
>> diff --git a/drivers/iio/light/adjd_s311.c b/drivers/iio/light/adjd_s311.c
>> index 1cbb449..0adda5b 100644
>> --- a/drivers/iio/light/adjd_s311.c
>> +++ b/drivers/iio/light/adjd_s311.c
>> @@ -271,12 +271,18 @@ static int adjd_s311_update_scan_mode(struct iio_dev *indio_dev,
>> const unsigned long *scan_mask)
>> {
>> struct adjd_s311_data *data = iio_priv(indio_dev);
>> - data->buffer = krealloc(data->buffer, indio_dev->scan_bytes,
>> + u16 *new_buffer;
>> + int ret = 0;
>> +
>> + new_buffer = krealloc(data->buffer, indio_dev->scan_bytes,
>> GFP_KERNEL);
>> - if (!data->buffer)
>> - return -ENOMEM;
>> + if (new_buffer == NULL) {
>> + kfree(data->buffer);
>> + ret = -ENOMEM;
>> + }
>> + data->buffer = new_buffer;
>>
>> - return 0;
>> + return ret;
>> }
>>
>> static const struct iio_info adjd_s311_info = {
>>
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH] iio/adjd_s311: Fix potential memory leak in adjd_s311_update_scan_mode()
2012-08-08 7:17 ` Peter Meerwald
2012-08-08 7:37 ` Lars-Peter Clausen
@ 2012-08-08 9:01 ` Alexey Khoroshilov
2012-08-08 9:58 ` [PATCH v2] " Alexey Khoroshilov
2 siblings, 0 replies; 6+ messages in thread
From: Alexey Khoroshilov @ 2012-08-08 9:01 UTC (permalink / raw)
To: Peter Meerwald
Cc: Jonathan Cameron, linux-iio, linux-kernel, ldv-project,
Lars-Peter Clausen
On 08/08/2012 11:17 AM, Peter Meerwald wrote:
>> Do not leak memory by updating pointer with potentially
>> NULL realloc return value.
> I agree
>
> use of krealloc() was suggested in driver review (see
> http://www.spinics.net/lists/linux-iio/msg05930.html) to shorten the code;
> unfortunately, I misunderstood the semantics of krealloc() in case
> allocation fails
>
> this is the original code:
>
> kfree(data->buffer);
> data->buffer = kmalloc(indio_dev->scan_bytes, GFP_KERNEL);
> if (!data->buffer)
> return -ENOMEM;
>
> I suggest to switch back to that original code, there is no need preserve
> the data in the buffer as krealloc does
That is fine.
>> Found by Linux Driver Verification project (linuxtesting.org).
>>
>> Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
>> ---
>> drivers/iio/light/adjd_s311.c | 14 ++++++++++----
>> 1 file changed, 10 insertions(+), 4 deletions(-)
>>
>> diff --git a/drivers/iio/light/adjd_s311.c b/drivers/iio/light/adjd_s311.c
>> index 1cbb449..0adda5b 100644
>> --- a/drivers/iio/light/adjd_s311.c
>> +++ b/drivers/iio/light/adjd_s311.c
>> @@ -271,12 +271,18 @@ static int adjd_s311_update_scan_mode(struct iio_dev *indio_dev,
>> const unsigned long *scan_mask)
>> {
>> struct adjd_s311_data *data = iio_priv(indio_dev);
>> - data->buffer = krealloc(data->buffer, indio_dev->scan_bytes,
>> + u16 *new_buffer;
>> + int ret = 0;
>> +
>> + new_buffer = krealloc(data->buffer, indio_dev->scan_bytes,
>> GFP_KERNEL);
>> - if (!data->buffer)
>> - return -ENOMEM;
>> + if (new_buffer == NULL) {
>> + kfree(data->buffer);
>> + ret = -ENOMEM;
>> + }
>> + data->buffer = new_buffer;
>>
>> - return 0;
>> + return ret;
>> }
>>
>> static const struct iio_info adjd_s311_info = {
>>
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH v2] iio/adjd_s311: Fix potential memory leak in adjd_s311_update_scan_mode()
2012-08-08 7:17 ` Peter Meerwald
2012-08-08 7:37 ` Lars-Peter Clausen
2012-08-08 9:01 ` Alexey Khoroshilov
@ 2012-08-08 9:58 ` Alexey Khoroshilov
2012-08-08 11:05 ` Peter Meerwald
2 siblings, 1 reply; 6+ messages in thread
From: Alexey Khoroshilov @ 2012-08-08 9:58 UTC (permalink / raw)
To: Peter Meerwald
Cc: Alexey Khoroshilov, Jonathan Cameron, linux-iio, linux-kernel,
ldv-project, Lars-Peter Clausen
Do not leak memory by updating pointer with potentially NULL realloc return value.
There is no need to preserve data in the buffer,
so replace krealloc() by kfree()-kmalloc() pair.
Found by Linux Driver Verification project (linuxtesting.org).
Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
---
drivers/iio/light/adjd_s311.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/drivers/iio/light/adjd_s311.c b/drivers/iio/light/adjd_s311.c
index 1cbb449..9a99f43 100644
--- a/drivers/iio/light/adjd_s311.c
+++ b/drivers/iio/light/adjd_s311.c
@@ -271,9 +271,10 @@ static int adjd_s311_update_scan_mode(struct iio_dev *indio_dev,
const unsigned long *scan_mask)
{
struct adjd_s311_data *data = iio_priv(indio_dev);
- data->buffer = krealloc(data->buffer, indio_dev->scan_bytes,
- GFP_KERNEL);
- if (!data->buffer)
+
+ kfree(data->buffer);
+ data->buffer = kmalloc(indio_dev->scan_bytes, GFP_KERNEL);
+ if (data->buffer == NULL)
return -ENOMEM;
return 0;
--
1.7.9.5
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH v2] iio/adjd_s311: Fix potential memory leak in adjd_s311_update_scan_mode()
2012-08-08 9:58 ` [PATCH v2] " Alexey Khoroshilov
@ 2012-08-08 11:05 ` Peter Meerwald
0 siblings, 0 replies; 6+ messages in thread
From: Peter Meerwald @ 2012-08-08 11:05 UTC (permalink / raw)
To: Alexey Khoroshilov
Cc: Jonathan Cameron, linux-iio, linux-kernel, ldv-project,
Lars-Peter Clausen
> Do not leak memory by updating pointer with potentially NULL realloc return value.
> There is no need to preserve data in the buffer,
> so replace krealloc() by kfree()-kmalloc() pair.
>
> Found by Linux Driver Verification project (linuxtesting.org).
>
> Signed-off-by: Alexey Khoroshilov <khoroshilov@ispras.ru>
Acked-by: Peter Meerwald <pmeerw@pmeerw.net>
> ---
> drivers/iio/light/adjd_s311.c | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/iio/light/adjd_s311.c b/drivers/iio/light/adjd_s311.c
> index 1cbb449..9a99f43 100644
> --- a/drivers/iio/light/adjd_s311.c
> +++ b/drivers/iio/light/adjd_s311.c
> @@ -271,9 +271,10 @@ static int adjd_s311_update_scan_mode(struct iio_dev *indio_dev,
> const unsigned long *scan_mask)
> {
> struct adjd_s311_data *data = iio_priv(indio_dev);
> - data->buffer = krealloc(data->buffer, indio_dev->scan_bytes,
> - GFP_KERNEL);
> - if (!data->buffer)
> +
> + kfree(data->buffer);
> + data->buffer = kmalloc(indio_dev->scan_bytes, GFP_KERNEL);
> + if (data->buffer == NULL)
> return -ENOMEM;
>
> return 0;
>
--
Peter Meerwald
+43-664-2444418 (mobile)
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2012-08-08 11:05 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-08-08 6:36 [PATCH] iio/adjd_s311: Fix potential memory leak in adjd_s311_update_scan_mode() Alexey Khoroshilov
2012-08-08 7:17 ` Peter Meerwald
2012-08-08 7:37 ` Lars-Peter Clausen
2012-08-08 9:01 ` Alexey Khoroshilov
2012-08-08 9:58 ` [PATCH v2] " Alexey Khoroshilov
2012-08-08 11:05 ` Peter Meerwald
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.