linux-next.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* Coverity: can_rx_offload_irq_offload_timestamp(): Resource leaks
@ 2019-11-12  1:35 coverity-bot
  2019-11-12  8:09 ` Marc Kleine-Budde
  0 siblings, 1 reply; 3+ messages in thread
From: coverity-bot @ 2019-11-12  1:35 UTC (permalink / raw)
  To: Jeroen Hofstee; +Cc: Marc Kleine-Budde, Gustavo A. R. Silva, linux-next

Hello!

This is an experimental automated report about issues detected by Coverity
from a scan of next-20191108 as part of the linux-next weekly scan project:
https://scan.coverity.com/projects/linux-next-weekly-scan

You're getting this email because you were associated with the identified
lines of code (noted below) that were touched by recent commits:

c2a9f74c9d18 ("can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error")

Coverity reported the following:

*** CID 1487846:  Resource leaks  (RESOURCE_LEAK)
/drivers/net/can/rx-offload.c: 219 in can_rx_offload_irq_offload_timestamp()
213
214     		if (!(pending & BIT_ULL(i)))
215     			continue;
216
217     		skb = can_rx_offload_offload_one(offload, i);
218     		if (IS_ERR_OR_NULL(skb))
vvv     CID 1487846:  Resource leaks  (RESOURCE_LEAK)
vvv     Variable "skb" going out of scope leaks the storage it points to.
219     			continue;
220
221     		__skb_queue_add_sort(&skb_queue, skb, can_rx_offload_compare);
222     	}
223
224     	if (!skb_queue_empty(&skb_queue)) {

If this is a false positive, please let us know so we can mark it as
such, or teach the Coverity rules to be smarter. If not, please make
sure fixes get into linux-next. :) For patches fixing this, please
include these lines (but double-check the "Fixes" first):

Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
Addresses-Coverity-ID: 1487846 ("Resource leaks")
Fixes: c2a9f74c9d18 ("can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error")


Thanks for your attention!

-- 
Coverity-bot

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: Coverity: can_rx_offload_irq_offload_timestamp(): Resource leaks
  2019-11-12  1:35 Coverity: can_rx_offload_irq_offload_timestamp(): Resource leaks coverity-bot
@ 2019-11-12  8:09 ` Marc Kleine-Budde
  2019-11-12 21:13   ` Kees Cook
  0 siblings, 1 reply; 3+ messages in thread
From: Marc Kleine-Budde @ 2019-11-12  8:09 UTC (permalink / raw)
  To: coverity-bot, Jeroen Hofstee; +Cc: Gustavo A. R. Silva, linux-next, linux-can


[-- Attachment #1.1: Type: text/plain, Size: 2162 bytes --]

On 11/12/19 2:35 AM, coverity-bot wrote:
> Hello!
> 
> This is an experimental automated report about issues detected by Coverity
> from a scan of next-20191108 as part of the linux-next weekly scan project:
> https://scan.coverity.com/projects/linux-next-weekly-scan
> 
> You're getting this email because you were associated with the identified
> lines of code (noted below) that were touched by recent commits:
> 
> c2a9f74c9d18 ("can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error")
> 
> Coverity reported the following:
> 
> *** CID 1487846:  Resource leaks  (RESOURCE_LEAK)
> /drivers/net/can/rx-offload.c: 219 in can_rx_offload_irq_offload_timestamp()
> 213
> 214     		if (!(pending & BIT_ULL(i)))
> 215     			continue;
> 216
> 217     		skb = can_rx_offload_offload_one(offload, i);
> 218     		if (IS_ERR_OR_NULL(skb))
> vvv     CID 1487846:  Resource leaks  (RESOURCE_LEAK)
> vvv     Variable "skb" going out of scope leaks the storage it points to.
> 219     			continue;
> 220
> 221     		__skb_queue_add_sort(&skb_queue, skb, can_rx_offload_compare);
> 222     	}
> 223
> 224     	if (!skb_queue_empty(&skb_queue)) {
> 
> If this is a false positive, please let us know so we can mark it as
> such, or teach the Coverity rules to be smarter. If not, please make
> sure fixes get into linux-next. :) For patches fixing this, please
> include these lines (but double-check the "Fixes" first):
> 
> Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
> Addresses-Coverity-ID: 1487846 ("Resource leaks")
> Fixes: c2a9f74c9d18 ("can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error")

This is a false positive:

>> 218     		if (IS_ERR_OR_NULL(skb))
>> 219     			continue;

since skb is either NULL or an error pointer not a pointer to a valid
skb object.

regards,
Marc

-- 
Pengutronix e.K.                 | Marc Kleine-Budde           |
Embedded Linux                   | https://www.pengutronix.de  |
Vertretung West/Dortmund         | Phone: +49-231-2826-924     |
Amtsgericht Hildesheim, HRA 2686 | Fax:   +49-5121-206917-5555 |


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: Coverity: can_rx_offload_irq_offload_timestamp(): Resource leaks
  2019-11-12  8:09 ` Marc Kleine-Budde
@ 2019-11-12 21:13   ` Kees Cook
  0 siblings, 0 replies; 3+ messages in thread
From: Kees Cook @ 2019-11-12 21:13 UTC (permalink / raw)
  To: Marc Kleine-Budde
  Cc: Jeroen Hofstee, Gustavo A. R. Silva, linux-next, linux-can

On Tue, Nov 12, 2019 at 09:09:13AM +0100, Marc Kleine-Budde wrote:
> On 11/12/19 2:35 AM, coverity-bot wrote:
> > Hello!
> > 
> > This is an experimental automated report about issues detected by Coverity
> > from a scan of next-20191108 as part of the linux-next weekly scan project:
> > https://scan.coverity.com/projects/linux-next-weekly-scan
> > 
> > You're getting this email because you were associated with the identified
> > lines of code (noted below) that were touched by recent commits:
> > 
> > c2a9f74c9d18 ("can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error")
> > 
> > Coverity reported the following:
> > 
> > *** CID 1487846:  Resource leaks  (RESOURCE_LEAK)
> > /drivers/net/can/rx-offload.c: 219 in can_rx_offload_irq_offload_timestamp()
> > 213
> > 214     		if (!(pending & BIT_ULL(i)))
> > 215     			continue;
> > 216
> > 217     		skb = can_rx_offload_offload_one(offload, i);
> > 218     		if (IS_ERR_OR_NULL(skb))
> > vvv     CID 1487846:  Resource leaks  (RESOURCE_LEAK)
> > vvv     Variable "skb" going out of scope leaks the storage it points to.
> > 219     			continue;
> > 220
> > 221     		__skb_queue_add_sort(&skb_queue, skb, can_rx_offload_compare);
> > 222     	}
> > 223
> > 224     	if (!skb_queue_empty(&skb_queue)) {
> > 
> > If this is a false positive, please let us know so we can mark it as
> > such, or teach the Coverity rules to be smarter. If not, please make
> > sure fixes get into linux-next. :) For patches fixing this, please
> > include these lines (but double-check the "Fixes" first):
> > 
> > Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
> > Addresses-Coverity-ID: 1487846 ("Resource leaks")
> > Fixes: c2a9f74c9d18 ("can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on error")
> 
> This is a false positive:
> 
> >> 218     		if (IS_ERR_OR_NULL(skb))
> >> 219     			continue;
> 
> since skb is either NULL or an error pointer not a pointer to a valid
> skb object.

Wow, yes, that certainly is! :) I will see if can find a way to teach
Coverity that the ERR span of "pointer" values do not count as
"allocated".

Thanks for taking a look at this!

-- 
Kees Cook

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-11-12 21:13 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-11-12  1:35 Coverity: can_rx_offload_irq_offload_timestamp(): Resource leaks coverity-bot
2019-11-12  8:09 ` Marc Kleine-Budde
2019-11-12 21:13   ` Kees Cook

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).