From: Kamal Mostafa <kamal@canonical.com>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org,
kernel-team@lists.ubuntu.com
Cc: Johan Hovold <johan@kernel.org>, Kamal Mostafa <kamal@canonical.com>
Subject: [PATCH 3.19.y-ckt 49/99] USB: serial: io_edgeport: fix memory leaks in attach error path
Date: Thu, 7 Jul 2016 11:37:48 -0700 [thread overview]
Message-ID: <1467916718-18638-50-git-send-email-kamal@canonical.com> (raw)
In-Reply-To: <1467916718-18638-1-git-send-email-kamal@canonical.com>
3.19.8-ckt23 -stable review patch. If anyone has any objections, please let me know.
---8<------------------------------------------------------------
From: Johan Hovold <johan@kernel.org>
commit c5c0c55598cefc826d6cfb0a417eeaee3631715c upstream.
Private data, URBs and buffers allocated for Epic devices during
attach were never released on errors (e.g. missing endpoints).
Fixes: 6e8cf7751f9f ("USB: add EPIC support to the io_edgeport driver")
Signed-off-by: Johan Hovold <johan@kernel.org>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
---
drivers/usb/serial/io_edgeport.c | 39 ++++++++++++++++++++++++++++-----------
1 file changed, 28 insertions(+), 11 deletions(-)
diff --git a/drivers/usb/serial/io_edgeport.c b/drivers/usb/serial/io_edgeport.c
index c086697..1106e7d 100644
--- a/drivers/usb/serial/io_edgeport.c
+++ b/drivers/usb/serial/io_edgeport.c
@@ -2856,14 +2856,16 @@ static int edge_startup(struct usb_serial *serial)
/* not set up yet, so do it now */
edge_serial->interrupt_read_urb =
usb_alloc_urb(0, GFP_KERNEL);
- if (!edge_serial->interrupt_read_urb)
- return -ENOMEM;
+ if (!edge_serial->interrupt_read_urb) {
+ response = -ENOMEM;
+ break;
+ }
edge_serial->interrupt_in_buffer =
kmalloc(buffer_size, GFP_KERNEL);
if (!edge_serial->interrupt_in_buffer) {
- usb_free_urb(edge_serial->interrupt_read_urb);
- return -ENOMEM;
+ response = -ENOMEM;
+ break;
}
edge_serial->interrupt_in_endpoint =
endpoint->bEndpointAddress;
@@ -2891,14 +2893,16 @@ static int edge_startup(struct usb_serial *serial)
/* not set up yet, so do it now */
edge_serial->read_urb =
usb_alloc_urb(0, GFP_KERNEL);
- if (!edge_serial->read_urb)
- return -ENOMEM;
+ if (!edge_serial->read_urb) {
+ response = -ENOMEM;
+ break;
+ }
edge_serial->bulk_in_buffer =
kmalloc(buffer_size, GFP_KERNEL);
if (!edge_serial->bulk_in_buffer) {
- usb_free_urb(edge_serial->read_urb);
- return -ENOMEM;
+ response = -ENOMEM;
+ break;
}
edge_serial->bulk_in_endpoint =
endpoint->bEndpointAddress;
@@ -2924,9 +2928,22 @@ static int edge_startup(struct usb_serial *serial)
}
}
- if (!interrupt_in_found || !bulk_in_found || !bulk_out_found) {
- dev_err(ddev, "Error - the proper endpoints were not found!\n");
- return -ENODEV;
+ if (response || !interrupt_in_found || !bulk_in_found ||
+ !bulk_out_found) {
+ if (!response) {
+ dev_err(ddev, "expected endpoints not found\n");
+ response = -ENODEV;
+ }
+
+ usb_free_urb(edge_serial->interrupt_read_urb);
+ kfree(edge_serial->interrupt_in_buffer);
+
+ usb_free_urb(edge_serial->read_urb);
+ kfree(edge_serial->bulk_in_buffer);
+
+ kfree(edge_serial);
+
+ return response;
}
/* start interrupt read for this edgeport this interrupt will
--
2.7.4
next prev parent reply other threads:[~2016-07-07 18:51 UTC|newest]
Thread overview: 100+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-07 18:36 [3.19.y-ckt stable] Linux 3.19.8-ckt23 stable review Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 01/99] mm: migrate dirty page without clear_page_dirty_for_io etc Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 02/99] ath10k: fix firmware assert in monitor mode Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 03/99] drm/i915: Fix race condition in intel_dp_destroy_mst_connector() Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 04/99] ath10k: fix debugfs pktlog_filter write Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 05/99] ath5k: Change led pin configuration for compaq c700 laptop Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 06/99] drm/gma500: Fix possible out of bounds read Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 07/99] Bluetooth: vhci: fix open_timeout vs. hdev race Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 08/99] Bluetooth: vhci: purge unhandled skbs Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 09/99] cpuidle: Indicate when a device has been unregistered Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 10/99] [media] media: v4l2-compat-ioctl32: fix missing reserved field copy in put_v4l2_create32 Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 11/99] scsi: Add intermediate STARGET_REMOVE state to scsi_target_state Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 12/99] Revert "scsi: fix soft lockup in scsi_remove_target() on module removal" Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 13/99] usb: f_mass_storage: test whether thread is running before starting another Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 14/99] Bluetooth: vhci: Fix race at creating hci device Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 15/99] powerpc/book3s64: Fix branching to OOL handlers in relocatable kernel Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 16/99] PM / Runtime: Fix error path in pm_runtime_force_resume() Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 17/99] crypto: s5p-sss - Fix missed interrupts when working with 8 kB blocks Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 18/99] ath9k: Add a module parameter to invert LED polarity Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 19/99] ath9k: Fix LED polarity for some Mini PCI AR9220 MB92 cards Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 20/99] pinctrl: exynos5440: Use off-stack memory for pinctrl_gpio_range Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 21/99] btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 22/99] usb: core: hub: hub_port_init lock controller instead of bus Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 23/99] TTY: n_gsm, fix false positive WARN_ON Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 24/99] arm/arm64: KVM: Enforce Break-Before-Make on Stage-2 page tables Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 25/99] aacraid: Relinquish CPU during timeout wait Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 26/99] aacraid: Fix for aac_command_thread hang Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 27/99] ext4: fix hang when processing corrupted orphaned inode list Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 28/99] MIPS: ath79: make bootconsole wait for both THRE and TEMT Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 29/99] QE-UART: add "fsl,t1040-ucc-uart" to of_device_id Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 30/99] thunderbolt: Fix double free of drom buffer Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 31/99] USB: serial: option: add support for Cinterion PH8 and AHxx Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 32/99] USB: leave LPM alone if possible when binding/unbinding interface drivers Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 33/99] mcb: Fixed bar number assignment for the gdd Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 34/99] USB: serial: option: add more ZTE device ids Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 35/99] USB: serial: option: add even " Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 36/99] ACPI / osi: Fix an issue that acpi_osi=!* cannot disable ACPICA internal strings Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 37/99] USB: serial: cp210x: fix hardware flow-control disable Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 38/99] ext4: fix oops on corrupted filesystem Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 39/99] ext4: address UBSAN warning in mb_find_order_for_block() Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 40/99] ext4: silence UBSAN in ext4_mb_init() Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 41/99] arm64: Ensure pmd_present() returns false after pmd_mknotpresent() Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 42/99] can: fix handling of unmodifiable configuration options Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 43/99] MIPS: Fix siginfo.h to use strict posix types Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 44/99] MIPS: Don't unwind to user mode with EVA Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 45/99] MIPS: Avoid using unwind_stack() with usermode Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 46/99] MIPS: Reserve nosave data for hibernation Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 47/99] usb: host: xhci-rcar: Avoid long wait in xhci_reset() Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 48/99] mfd: omap-usb-tll: Fix scheduling while atomic BUG Kamal Mostafa
2016-07-07 18:37 ` Kamal Mostafa [this message]
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 50/99] USB: serial: io_edgeport: fix memory leaks in probe error path Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 51/99] USB: serial: keyspan: fix use-after-free " Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 52/99] USB: serial: mxuport: " Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 53/99] USB: serial: quatech2: " Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 54/99] crypto: caam - fix caam_jr_alloc() ret code Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 55/99] MIPS: KVM: Fix timer IRQ race when freezing timer Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 56/99] MIPS: KVM: Fix timer IRQ race when writing CP0_Compare Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 57/99] gcov: disable tree-loop-im to reduce stack usage Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 58/99] irqchip/gic: Ensure ordering between read of INTACK and shared data Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 59/99] arm64: cpuinfo: Missing NULL terminator in compat_hwcap_str Kamal Mostafa
2016-07-07 18:37 ` [PATCH 3.19.y-ckt 60/99] kbuild: move -Wunused-const-variable to W=1 warning level Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 61/99] rtlwifi: Fix logic error in enter/exit power-save mode Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 62/99] rtlwifi: pci: use dev_kfree_skb_irq instead of kfree_skb in rtl_pci_reset_trx_ring Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 63/99] powerpc/eeh: Don't report error in eeh_pe_reset_and_recover() Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 64/99] powerpc/eeh: Restore initial state " Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 65/99] MIPS: math-emu: Fix jalr emulation when rd == $0 Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 66/99] ring-buffer: Use long for nr_pages to avoid overflow failures Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 67/99] ring-buffer: Prevent overflow of size in ring_buffer_resize() Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 68/99] mmc: mmc: Fix partition switch timeout for some eMMCs Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 69/99] PCI: Disable all BAR sizing for devices with non-compliant BARs Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 70/99] MIPS: MSA: Fix a link error on `_init_msa_upper' with older GCC Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 71/99] drm/i915/fbdev: Fix num_connector references in intel_fb_initial_config() Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 72/99] drm/fb_helper: Fix references to dev->mode_config.num_connector Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 73/99] fs/cifs: correctly to anonymous authentication via NTLMSSP Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 74/99] fs/cifs: correctly to anonymous authentication for the LANMAN authentication Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 75/99] fs/cifs: correctly to anonymous authentication for the NTLM(v1) authentication Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 76/99] fs/cifs: correctly to anonymous authentication for the NTLM(v2) authentication Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 77/99] remove directory incorrectly tries to set delete on close on non-empty directories Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 78/99] cpuidle: Fix cpuidle_state_is_coupled() argument in cpuidle_enter() Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 79/99] xfs: xfs_iflush_cluster fails to abort on error Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 80/99] xfs: fix inode validity check in xfs_iflush_cluster Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 81/99] xfs: skip stale inodes " Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 82/99] KVM: MTRR: remove MSR 0x2f8 Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 83/99] ASoC: ak4642: Enable cache usage to fix crashes on resume Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 84/99] Input: uinput - handle compat ioctl for UI_SET_PHYS Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 85/99] PM / sleep: Handle failures in device_suspend_late() consistently Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 86/99] mmc: longer timeout for long read time quirk Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 87/99] mmc: sdhci-pci: Remove MMC_CAP_BUS_WIDTH_TEST for Intel controllers Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 88/99] mmc: sdhci-acpi: " Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 89/99] sunrpc: fix stripping of padded MIC tokens Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 90/99] wait/ptrace: assume __WALL if the child is traced Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 91/99] xen/x86: actually allocate legacy interrupts on PV guests Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 92/99] xen/events: Don't move disabled irqs Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 93/99] dma-debug: avoid spinlock recursion when disabling dma-debug Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 94/99] Input: xpad - prevent spurious input from wired Xbox 360 controllers Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 95/99] hpfs: fix remount failure when there are no options changed Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 96/99] hpfs: implement the show_options method Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 97/99] powerpc/iommu: Remove the dependency on EEH struct in DDW mechanism Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 98/99] powerpc/pseries: Fix PCI config address for DDW Kamal Mostafa
2016-07-07 18:38 ` [PATCH 3.19.y-ckt 99/99] can: fix handling of unmodifiable configuration options fix Kamal Mostafa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1467916718-18638-50-git-send-email-kamal@canonical.com \
--to=kamal@canonical.com \
--cc=johan@kernel.org \
--cc=kernel-team@lists.ubuntu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).