linux-kernel.vger.kernel.org archive mirror
* [PATCH] tools: Fix realloc() use in fdarray__grow()
@ 2020-02-29 16:26 Jann Horn
  2020-03-02 12:58 ` Jiri Olsa
  0 siblings, 1 reply; 3+ messages in thread
From: Jann Horn @ 2020-02-29 16:26 UTC (permalink / raw)
  To: Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo
  Cc: Mark Rutland, Alexander Shishkin, Jiri Olsa, Namhyung Kim, linux-kernel

If `entries != NULL`, then `fda->entries` has been freed, so whatever
happens afterwards, we must store `entries` in `fda->entries`.
If we bail out at the second realloc(), the new allocation will be bigger
than what fda->nr_alloc says, but that's fine.

Fixes: 2171a9256862 ("tools lib fd array: Allow associating an integer cookie with each entry")
Signed-off-by: Jann Horn <jannh@google.com>
---
To the maintainer:
I'm not sure about the etiquette for using CC stable in
patches for somewhat theoretical issues in userland tools;
feel free to tack a CC stable onto this if you think it
should go into stable.

 tools/lib/api/fd/array.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/tools/lib/api/fd/array.c b/tools/lib/api/fd/array.c
index 58d44d5eee31..acf8eca1a94a 100644
--- a/tools/lib/api/fd/array.c
+++ b/tools/lib/api/fd/array.c
@@ -27,15 +27,13 @@ int fdarray__grow(struct fdarray *fda, int nr)
 
 	if (entries == NULL)
 		return -ENOMEM;
+	fda->entries = entries;
 
 	priv = realloc(fda->priv, psize);
-	if (priv == NULL) {
-		free(entries);
+	if (priv == NULL)
 		return -ENOMEM;
-	}
 
 	fda->nr_alloc = nr_alloc;
-	fda->entries  = entries;
 	fda->priv     = priv;
 	return 0;
 }
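Review bot: On the `if (priv == NULL)` return, `fda->entries` now points at the grown block while `fda->nr_alloc` still holds the old count, and nothing in the code says that this mismatch is intended. A short comment at that return, stating that the entries allocation may be larger than `nr_alloc` after a failed grow, would keep a later reader from treating it as a bug or from re-adding the `free(entries)`.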
-- 
2.25.0



* Re: [PATCH] tools: Fix realloc() use in fdarray__grow()
  2020-02-29 16:26 [PATCH] tools: Fix realloc() use in fdarray__grow() Jann Horn
@ 2020-03-02 12:58 ` Jiri Olsa
  2020-03-02 14:54   ` Jann Horn
  0 siblings, 1 reply; 3+ messages in thread
From: Jiri Olsa @ 2020-03-02 12:58 UTC (permalink / raw)
  To: Jann Horn
  Cc: Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
	Mark Rutland, Alexander Shishkin, Namhyung Kim, linux-kernel

On Sat, Feb 29, 2020 at 05:26:07PM +0100, Jann Horn wrote:
> If `entries != NULL`, then `fda->entries` has been freed, so whatever
> happens afterwards, we must store `entries` in `fda->entries`.
> If we bail out at the second realloc(), the new allocation will be bigger
> than what fda->nr_alloc says, but that's fine.
> 
> Fixes: 2171a9256862 ("tools lib fd array: Allow associating an integer cookie with each entry")
> Signed-off-by: Jann Horn <jannh@google.com>
> ---
> To the maintainer:
> I'm not sure about the etiquette for using CC stable in
> patches for somewhat theoretical issues in userland tools;
> feel free to tack a CC stable onto this if you think it
> should go into stable.
> 
>  tools/lib/api/fd/array.c | 6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
> 
> diff --git a/tools/lib/api/fd/array.c b/tools/lib/api/fd/array.c
> index 58d44d5eee31..acf8eca1a94a 100644
> --- a/tools/lib/api/fd/array.c
> +++ b/tools/lib/api/fd/array.c
> @@ -27,15 +27,13 @@ int fdarray__grow(struct fdarray *fda, int nr)
>  
>  	if (entries == NULL)
>  		return -ENOMEM;
> +	fda->entries = entries;
>  
>  	priv = realloc(fda->priv, psize);
> -	if (priv == NULL) {
> -		free(entries);

so we are sure we always call fdarray__exit even
if we fail in here?  if that's the case then

Acked-by: Jiri Olsa <jolsa@redhat.com>

thanks,
jirka

> +	if (priv == NULL)
>  		return -ENOMEM;
> -	}
>  
>  	fda->nr_alloc = nr_alloc;
> -	fda->entries  = entries;
>  	fda->priv     = priv;
>  	return 0;
>  }
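Review bot: With `free(entries)` removed from the `priv == NULL` branch, the grown block is released only when the caller later frees `fda->entries`. The error paths of the callers of fdarray__grow() are worth checking as part of this change: one that handles -ENOMEM by freeing only the struct would leak the block, most visibly when `fda->entries` was NULL before the call.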
> -- 
> 2.25.0
> 



* Re: [PATCH] tools: Fix realloc() use in fdarray__grow()
  2020-03-02 12:58 ` Jiri Olsa
@ 2020-03-02 14:54   ` Jann Horn
  0 siblings, 0 replies; 3+ messages in thread
From: Jann Horn @ 2020-03-02 14:54 UTC (permalink / raw)
  To: Jiri Olsa
  Cc: Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
	Mark Rutland, Alexander Shishkin, Namhyung Kim, kernel list

On Mon, Mar 2, 2020 at 1:58 PM Jiri Olsa <jolsa@redhat.com> wrote:
> On Sat, Feb 29, 2020 at 05:26:07PM +0100, Jann Horn wrote:
> > If `entries != NULL`, then `fda->entries` has been freed, so whatever
> > happens afterwards, we must store `entries` in `fda->entries`.
> > If we bail out at the second realloc(), the new allocation will be bigger
> > than what fda->nr_alloc says, but that's fine.
> >
> > Fixes: 2171a9256862 ("tools lib fd array: Allow associating an integer cookie with each entry")
> > Signed-off-by: Jann Horn <jannh@google.com>
> > ---
> > To the maintainer:
> > I'm not sure about the etiquette for using CC stable in
> > patches for somewhat theoretical issues in userland tools;
> > feel free to tack a CC stable onto this if you think it
> > should go into stable.
> >
> >  tools/lib/api/fd/array.c | 6 ++----
> >  1 file changed, 2 insertions(+), 4 deletions(-)
> >
> > diff --git a/tools/lib/api/fd/array.c b/tools/lib/api/fd/array.c
> > index 58d44d5eee31..acf8eca1a94a 100644
> > --- a/tools/lib/api/fd/array.c
> > +++ b/tools/lib/api/fd/array.c
> > @@ -27,15 +27,13 @@ int fdarray__grow(struct fdarray *fda, int nr)
> >
> >       if (entries == NULL)
> >               return -ENOMEM;
> > +     fda->entries = entries;
> >
> >       priv = realloc(fda->priv, psize);
> > -     if (priv == NULL) {
> > -             free(entries);
>
> so we are sure we always call fdarray__exit even
> if we fail in here?  if that's the case then
>
> Acked-by: Jiri Olsa <jolsa@redhat.com>

Ugh... actually, no, at least fdarray__new() does a plain free().
While other places like FDA_ADD use fdarray_delete()...
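
Added example, not part of the thread or of the kernel tree: a stand-alone C program with the two-realloc() grow pattern in the patched ordering, plus the cleanup a caller needs when the second allocation fails. `struct grow_demo`, `demo_realloc()`, `demo_grow()`, `demo_exit()` and the `fail_at` hook are hypothetical names for illustration, not the tools/lib/api API.

```c
#include <errno.h>
#include <stdlib.h>

/* Hypothetical stand-in for the two parallel arrays in struct fdarray. */
struct grow_demo { int nr_alloc; int *entries; long *priv; };

static int fail_at; /* test hook: the fail_at-th allocation from now fails */
static void *demo_realloc(void *p, size_t size)
{
	if (fail_at > 0 && --fail_at == 0)
		return NULL; /* like a failed realloc(): p stays valid */
	return realloc(p, size);
}

/* Grow both arrays by nr slots, in the order the patch uses. */
static int demo_grow(struct grow_demo *d, int nr)
{
	int nr_alloc = d->nr_alloc + nr;
	int *entries = demo_realloc(d->entries, sizeof(*entries) * nr_alloc);
	long *priv;

	if (entries == NULL)
		return -ENOMEM;
	d->entries = entries; /* old block may be gone: store at once */

	priv = demo_realloc(d->priv, sizeof(*priv) * nr_alloc);
	if (priv == NULL)
		return -ENOMEM; /* d->entries now holds more than nr_alloc slots */
	d->nr_alloc = nr_alloc;
	d->priv = priv;
	return 0;
}

/* Cleanup every error path needs: frees the arrays, not only the struct. */
static void demo_exit(struct grow_demo *d)
{
	free(d->entries);
	free(d->priv);
	*d = (struct grow_demo){ 0 };
}

int main(void)
{
	struct grow_demo d = { 0 };
	fail_at = 2; /* constructed scenario: the second allocation fails */
	int rc = demo_grow(&d, 4);
	demo_exit(&d); /* a plain free() of the struct alone would leak entries */
	return rc == -ENOMEM ? 0 : 1;
}
```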
