From: Mike Snitzer <snitzer@redhat.com>
To: Jesper Juhl <jj@chaosbits.net>
Cc: dm-devel@redhat.com, linux-kernel@vger.kernel.org,
linux-raid@vger.kernel.org
Subject: Re: [PATCH][rfc] md: Close mem leak in userspace_ctr()
Date: Tue, 14 Dec 2010 17:18:16 -0500 [thread overview]
Message-ID: <20101214221816.GA14227@redhat.com> (raw)
In-Reply-To: <alpine.LNX.2.00.1012140034300.26491@swampdragon.chaosbits.net>
On Mon, Dec 13 2010 at 6:40pm -0500,
Jesper Juhl <jj@chaosbits.net> wrote:
> Hi,
>
> There's a small memory leak in
> drivers/md/dm-log-userspace-base.c::userspace_ctr().
>
> The call to build_constructor_string() dynamically allocates memory for
> its last argument, but we do not always clean up that allocated memory.
I'm not seeing a leak.
The kfree() that you've added to the build_constructor_string() failure
path isn't needed because build_constructor_string() only returns error
if the kzalloc() failed.
Mike
> diff --git a/drivers/md/dm-log-userspace-base.c b/drivers/md/dm-log-userspace-base.c
> index 1ed0094..71a3049 100644
> --- a/drivers/md/dm-log-userspace-base.c
> +++ b/drivers/md/dm-log-userspace-base.c
> @@ -99,26 +99,22 @@ static int build_constructor_string(struct dm_target *ti,
> char **ctr_str)
> {
> int i, str_size;
> - char *str = NULL;
> -
> - *ctr_str = NULL;
>
> for (i = 0, str_size = 0; i < argc; i++)
> str_size += strlen(argv[i]) + 1; /* +1 for space between args */
>
> str_size += 20; /* Max number of chars in a printed u64 number */
>
> - str = kzalloc(str_size, GFP_KERNEL);
> - if (!str) {
> + *ctr_str = kzalloc(str_size, GFP_KERNEL);
> + if (!*ctr_str) {
> DMWARN("Unable to allocate memory for constructor string");
> return -ENOMEM;
> }
>
> - str_size = sprintf(str, "%llu", (unsigned long long)ti->len);
> + str_size = sprintf(*ctr_str, "%llu", (unsigned long long)ti->len);
> for (i = 0; i < argc; i++)
> - str_size += sprintf(str + str_size, " %s", argv[i]);
> + str_size += sprintf(*ctr_str + str_size, " %s", argv[i]);
>
> - *ctr_str = str;
> return str_size;
> }
>
> @@ -140,7 +136,7 @@ static int userspace_ctr(struct dm_dirty_log *log, struct dm_target *ti,
> {
> int r = 0;
> int str_size;
> - char *ctr_str = NULL;
> + char *ctr_str;
> struct log_c *lc = NULL;
> uint64_t rdata;
> size_t rdata_size = sizeof(rdata);
> @@ -173,6 +169,7 @@ static int userspace_ctr(struct dm_dirty_log *log, struct dm_target *ti,
>
> str_size = build_constructor_string(ti, argc - 1, argv + 1, &ctr_str);
> if (str_size < 0) {
> + kfree(ctr_str);
> kfree(lc);
> return str_size;
> }
next prev parent reply other threads:[~2010-12-14 22:18 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-13 23:40 [PATCH][rfc] md: Close mem leak in userspace_ctr() Jesper Juhl
2010-12-14 22:18 ` Mike Snitzer [this message]
2010-12-17 12:18 ` Jesper Juhl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101214221816.GA14227@redhat.com \
--to=snitzer@redhat.com \
--cc=dm-devel@redhat.com \
--cc=jj@chaosbits.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-raid@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.