Re: [PATCH][resend] fix resource leak in pnp card_probe()

Jesper Juhl <[email protected]> wrote:
>
> (resend of patch already send once on 23/03-2006 
>   - still applies cleanly to latest -git)
> 
> 
> We can leak `clink' in drivers/pnp/card.c::card_probe()
> 
> 
> Signed-off-by: Jesper Juhl <[email protected]>
> ---
> 
>  drivers/pnp/card.c |    4 +++-
>  1 files changed, 3 insertions(+), 1 deletion(-)
> 
> --- linux-2.6.16-mm1-orig/drivers/pnp/card.c	2006-03-26 13:43:38.000000000 +0200
> +++ linux-2.6.16-mm1/drivers/pnp/card.c	2006-03-26 15:45:00.000000000 +0200
> @@ -81,8 +81,10 @@ static int card_probe(struct pnp_card * 
>  				}
>  				kfree(clink);
>  			}
> -		} else
> +		} else {
> +			kfree(clink);
>  			return 1;
> +		}
>  	}
>  	return 0;
>  }

If !drv->probe then there's not much point in doing the kmalloc and then
immediately freeing it again.

Like this?

--- devel/drivers/pnp/card.c~pnp-card_probe-fix-memory-leak	2006-05-14 02:30:25.000000000 -0700
+++ devel-akpm/drivers/pnp/card.c	2006-05-14 02:36:24.000000000 -0700
@@ -60,30 +60,34 @@ static void card_remove_first(struct pnp
 	card_remove(dev);
 }
 
-static int card_probe(struct pnp_card * card, struct pnp_card_driver * drv)
+static int card_probe(struct pnp_card *card, struct pnp_card_driver *drv)
 {
-	const struct pnp_card_device_id *id = match_card(drv,card);
-	if (id) {
-		struct pnp_card_link * clink = pnp_alloc(sizeof(struct pnp_card_link));
-		if (!clink)
-			return 0;
-		clink->card = card;
-		clink->driver = drv;
-		clink->pm_state = PMSG_ON;
-		if (drv->probe) {
-			if (drv->probe(clink, id)>=0)
-				return 1;
-			else {
-				struct pnp_dev * dev;
-				card_for_each_dev(card, dev) {
-					if (dev->card_link == clink)
-						pnp_release_card_device(dev);
-				}
-				kfree(clink);
-			}
-		} else
-			return 1;
+	const struct pnp_card_device_id *id;
+	struct pnp_card_link *clink;
+	struct pnp_dev *dev;
+
+	if (!drv->probe)
+		return 0;
+	id = match_card(drv,card);
+	if (!id)
+		return 0;
+
+	clink = pnp_alloc(sizeof(*clink));
+	if (!clink)
+		return 0;
+	clink->card = card;
+	clink->driver = drv;
+	clink->pm_state = PMSG_ON;
+
+	if (drv->probe(clink, id) >= 0)
+		return 1;
+
+	/* Recovery */
+	card_for_each_dev(card, dev) {
+		if (dev->card_link == clink)
+			pnp_release_card_device(dev);
 	}
+	kfree(clink);
 	return 0;
 }
 
_

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: [PATCH][resend] fix resource leak in pnp card_probe()
    • From: Keith Owens <[email protected]>
  • Re: [PATCH][resend] fix resource leak in pnp card_probe()
    • From: "Jesper Juhl" <[email protected]>

• References:
  • [PATCH][resend] fix resource leak in pnp card_probe()
    • From: Jesper Juhl <[email protected]>

• Prev by Date: Re: [PATCH 2.6.17-rc4 1/6] Base support for kmemleak
• Next by Date: [PATCH -mm, resend] de_thread: fix lockless do_each_thread
• Previous by thread: [PATCH][resend] fix resource leak in pnp card_probe()
• Next by thread: Re: [PATCH][resend] fix resource leak in pnp card_probe()
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]