Message ID | alpine.LNX.2.00.1106121621360.25151@swampdragon.chaosbits.net |
---|---|
State | Accepted, archived |
Delegated to: | David Miller |

On 6/12/11, Jesper Juhl <jj@chaosbits.net> wrote:
> In net/ieee802154/nl-phy.c::ieee802154_nl_fill_phy() I see two small
> issues.
> 1) If the allocation of 'buf' fails we may just as well return -EMSGSIZE
> directly rather than jumping to 'out:' and do a pointless kfree(0).
> 2) We do not free 'buf' unless we jump to one of the error labels and this
> leaks memory.
> This patch should address both.
>
> Signed-off-by: Jesper Juhl <jj@chaosbits.net>

Acked-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>

David, please commit this.

From: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Date: Tue, 14 Jun 2011 00:02:38 +0400

> On 6/12/11, Jesper Juhl <jj@chaosbits.net> wrote:
>> In net/ieee802154/nl-phy.c::ieee802154_nl_fill_phy() I see two small
>> issues.
>> 1) If the allocation of 'buf' fails we may just as well return -EMSGSIZE
>> directly rather than jumping to 'out:' and do a pointless kfree(0).
>> 2) We do not free 'buf' unless we jump to one of the error labels and this
>> leaks memory.
>> This patch should address both.
>>
>> Signed-off-by: Jesper Juhl <jj@chaosbits.net>
>
> Acked-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
>
> David, please commit this.

Applied, thanks.

diff --git a/net/ieee802154/nl-phy.c b/net/ieee802154/nl-phy.c index ed0eab3..02548b2 100644 --- a/net/ieee802154/nl-phy.c +++ b/net/ieee802154/nl-phy.c @@ -44,7 +44,7 @@ static int ieee802154_nl_fill_phy(struct sk_buff *msg, u32 pid, pr_debug("%s\n", __func__); if (!buf) - goto out; + return -EMSGSIZE; hdr = genlmsg_put(msg, 0, seq, &nl802154_family, flags, IEEE802154_LIST_PHY); @@ -65,6 +65,7 @@ static int ieee802154_nl_fill_phy(struct sk_buff *msg, u32 pid, pages * sizeof(uint32_t), buf); mutex_unlock(&phy->pib_lock); + kfree(buf); return genlmsg_end(msg, hdr); nla_put_failure:
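
Review bot: in the first hunk (@@ -44,7 +44,7 @@), 'return -EMSGSIZE;' under 'if (!buf)' reports a failed allocation of 'buf' with the error code for a message that is too long, so a caller cannot tell memory pressure apart from a message that did not fit. If no caller depends on that value, 'return -ENOMEM;' would describe the failure accurately; if the value is kept on purpose to match what the 'out:' path returned, a one-line comment saying so would help the next reader.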
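
Review bot: in the second hunk (@@ -65,6 +65,7 @@), the new 'kfree(buf);' before 'return genlmsg_end(msg, hdr);' leaves the function with separate frees on the success path and on the error labels, so any exit added later has to remember its own free. Consider saving the result of 'genlmsg_end(msg, hdr)' in a local variable and routing the success path through one shared 'kfree(buf)' exit. Since the submission says it is compile tested only, running a PHY list request with kmemleak enabled would confirm that the success path no longer leaks.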

In net/ieee802154/nl-phy.c::ieee802154_nl_fill_phy() I see two small
issues.
1) If the allocation of 'buf' fails we may just as well return -EMSGSIZE
directly rather than jumping to 'out:' and do a pointless kfree(0).
2) We do not free 'buf' unless we jump to one of the error labels and this
leaks memory.
This patch should address both.

Signed-off-by: Jesper Juhl <jj@chaosbits.net>
---
 nl-phy.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

 I have no way to properly test this patch, so it's compile tested only.