* Memleak in e100 driver
@ 2003-03-12 18:58 Oleg Drokin
0 siblings, 0 replies; only message in thread
From: Oleg Drokin @ 2003-03-12 18:58 UTC (permalink / raw)
To: scott.feldman, alan, torvalds, linux-kernel
Hello!
There is a memleak in e100 driver from intel, both in 2.4 and 2.5
e100_ethtool_gstrings does not free "strings" variable if it cannot
copy it to userspace.
See the patch (identical for both 2.4 and 2.5).
Found with help of smatch + enhanced unfree script.
Bye,
Oleg
===== drivers/net/e100/e100_main.c 1.23 vs edited =====
--- 1.23/drivers/net/e100/e100_main.c Sat Feb 1 22:38:18 2003
+++ edited/drivers/net/e100/e100_main.c Wed Mar 12 21:50:32 2003
@@ -3824,11 +3824,15 @@
return -EOPNOTSUPP;
}
- if (copy_to_user(ifr->ifr_data, &info, sizeof (info)))
+ if (copy_to_user(ifr->ifr_data, &info, sizeof (info))) {
+ kfree(strings);
return -EFAULT;
+ }
- if (copy_to_user(usr_strings, strings, info.len * ETH_GSTRING_LEN))
+ if (copy_to_user(usr_strings, strings, info.len * ETH_GSTRING_LEN)) {
+ kfree(strings);
return -EFAULT;
+ }
kfree(strings);
return 0;
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2003-03-12 18:48 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-03-12 18:58 Memleak in e100 driver Oleg Drokin
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.