On Mon, 2006-08-14 at 15:43 -0700, Andrew Morton wrote:
> On Thu, 10 Aug 2006 15:22:21 +0100
> Catalin Marinas <[email protected]> wrote:
>
> > From: Catalin Marinas <[email protected]>
> >
> > Memory leaks can happen in the vc_resize() function in drivers/char/vt.c
> > because of the vc->vc_screenbuf variable overriding in vc_allocate(). The
> > kmemleak reported trace is as follows:
> >
> > <__kmalloc>
> > <vc_resize>
> > <fbcon_init>
> > <visual_init>
> > <vc_allocate>
> > <con_open>
> > <tty_open>
> > <chrdev_open>
> >
> > This patch no longer allocates a screen buffer in vc_allocate() if it was
> > already allocated by vc_resize().
> >
> > Signed-off-by: Catalin Marinas <[email protected]>
> > ---
> >
> > drivers/char/vt.c | 3 ++-
> > 1 files changed, 2 insertions(+), 1 deletions(-)
> >
> > diff --git a/drivers/char/vt.c b/drivers/char/vt.c
> > index da7e66a..31c8b32 100644
> > --- a/drivers/char/vt.c
> > +++ b/drivers/char/vt.c
> > @@ -730,7 +730,8 @@ int vc_allocate(unsigned int currcons) /
> > visual_init(vc, currcons, 1);
> > if (!*vc->vc_uni_pagedir_loc)
> > con_set_default_unimap(vc);
> > - vc->vc_screenbuf = kmalloc(vc->vc_screenbuf_size, GFP_KERNEL);
> > + if (!vc->vc_kmalloced)
> > + vc->vc_screenbuf = kmalloc(vc->vc_screenbuf_size, GFP_KERNEL);
> > if (!vc->vc_screenbuf) {
> > kfree(vc);
> > vc_cons[currcons].d = NULL;
>
> hm. Maybe. I'd worry that the memory at vc->vc_screenbuf isn't of the
> correct size and this patch will convert a leak into a buffer overrun.
It's a safe test, visual_init() will assure that screenbuf_size will
always be correct.
> Also, what's up with this, in vc_resize()?
>
> if (vc->vc_kmalloced)
> kfree(vc->vc_screenbuf);
> vc->vc_screenbuf = newscreen;
> vc->vc_kmalloced = 1;
>
> if vc->vc_kmalloced means "there is kmalloced memory at vc->vc_screenbuf"
> then this is wrong.
vc_screenbuf is either of the bootmem type or the kmalloced type as
indicated by vc->vc_kmalloced.
>
> This code is all pretty twisty and I fear touching it.
Yes, but the patch as is should be okay.
Tony
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]