Re: [PATCH] Fix memory leak in vc_resize/vc_allocate

On Thu, 10 Aug 2006 15:22:21 +0100
Catalin Marinas <[email protected]> wrote:

> From: Catalin Marinas <[email protected]>
> 
> Memory leaks can happen in the vc_resize() function in drivers/char/vt.c
> because of the vc->vc_screenbuf variable overriding in vc_allocate(). The
> kmemleak reported trace is as follows:
> 
>   <__kmalloc>
>   <vc_resize>
>   <fbcon_init>
>   <visual_init>
>   <vc_allocate>
>   <con_open>
>   <tty_open>
>   <chrdev_open>
> 
> This patch no longer allocates a screen buffer in vc_allocate() if it was
> already allocated by vc_resize().
> 
> Signed-off-by: Catalin Marinas <[email protected]>
> ---
> 
>  drivers/char/vt.c |    3 ++-
>  1 files changed, 2 insertions(+), 1 deletions(-)
> 
> diff --git a/drivers/char/vt.c b/drivers/char/vt.c
> index da7e66a..31c8b32 100644
> --- a/drivers/char/vt.c
> +++ b/drivers/char/vt.c
> @@ -730,7 +730,8 @@ int vc_allocate(unsigned int currcons)	/
>  	    visual_init(vc, currcons, 1);
>  	    if (!*vc->vc_uni_pagedir_loc)
>  		con_set_default_unimap(vc);
> -	    vc->vc_screenbuf = kmalloc(vc->vc_screenbuf_size, GFP_KERNEL);
> +	    if (!vc->vc_kmalloced)
> +		vc->vc_screenbuf = kmalloc(vc->vc_screenbuf_size, GFP_KERNEL);
>  	    if (!vc->vc_screenbuf) {
>  		kfree(vc);
>  		vc_cons[currcons].d = NULL;

hm.  Maybe.  I'd worry that the memory at vc->vc_screenbuf isn't of the
correct size and this patch will convert a leak into a buffer overrun.

Also, what's up with this, in vc_resize()?

	if (vc->vc_kmalloced)
		kfree(vc->vc_screenbuf);
	vc->vc_screenbuf = newscreen;
	vc->vc_kmalloced = 1;

if vc->vc_kmalloced means "there is kmalloced memory at vc->vc_screenbuf"
then this is wrong.

This code is all pretty twisty and I fear touching it.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- Re: [PATCH] Fix memory leak in vc_resize/vc_allocate
  - From: "Catalin Marinas" <[email protected]>
- Re: [PATCH] Fix memory leak in vc_resize/vc_allocate
  - From: "Antonino A. Daplas" <[email protected]>

References:
- [PATCH] Fix memory leak in vc_resize/vc_allocate
  - From: Catalin Marinas <[email protected]>

Prev by Date: [libata patch] cleanup drivers/ata/Kconfig
Next by Date: Re: [PATCHv3] sunrpc/auth_gss: NULL pointer deref in gss_pipe_release()
Previous by thread: [PATCH] Fix memory leak in vc_resize/vc_allocate
Next by thread: Re: [PATCH] Fix memory leak in vc_resize/vc_allocate
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]