From: Zhang Yanfei <zhangyanfei.yes@gmail.com>
To: Simon Horman <horms@verge.net.au>
Cc: "kexec@lists.infradead.org" <kexec@lists.infradead.org>
Subject: [PATCH 07/13] kexec: ppc: elf: fix possible memory leak in elf_ppc_load
Date: Mon, 25 Mar 2013 23:12:51 +0800	[thread overview]
Message-ID: <51506973.7050301@gmail.com> (raw)
In-Reply-To: <51506758.4070902@gmail.com>

From: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>

In elf_ppc_load, allocated memory may not be freed if the code
exits abnormally, either by calling die() or by returning early.
This patch fixes the possible memory leak.

This patch is also a preparation for patch08.

Signed-off-by: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
---
 kexec/arch/ppc/kexec-elf-ppc.c |   56 ++++++++++++++++++++++++---------------
 1 files changed, 34 insertions(+), 22 deletions(-)

diff --git a/kexec/arch/ppc/kexec-elf-ppc.c b/kexec/arch/ppc/kexec-elf-ppc.c
index 65a65cc..1eb3a62 100644
--- a/kexec/arch/ppc/kexec-elf-ppc.c
+++ b/kexec/arch/ppc/kexec-elf-ppc.c
@@ -159,6 +159,7 @@ int elf_ppc_load(int argc, char **argv,	const char *buf, off_t len,
 	int command_line_len;
 	char *dtb;
 	int result;
+	char *error_msg;
 	unsigned long max_addr, hole_addr;
 	struct mem_phdr *phdr;
 	size_t size;
@@ -196,6 +197,8 @@ int elf_ppc_load(int argc, char **argv,	const char *buf, off_t len,
 	hole_addr = 0;
 	kernel_addr = 0;
 	ramdisk = 0;
+	result = 0;
+	error_msg = NULL;
 
 	while ((opt = getopt_long(argc, argv, short_options, options, 0)) != -1) {
 		switch (opt) {
@@ -232,6 +235,9 @@ int elf_ppc_load(int argc, char **argv,	const char *buf, off_t len,
 		}
 	}
 
+	if (ramdisk && reuse_initrd)
+		die("Can't specify --ramdisk or --initrd with --reuseinitrd\n");
+
 	command_line_len = 0;
 	if (command_line) {
 		command_line_len = strlen(command_line) + 1;
@@ -240,9 +246,6 @@ int elf_ppc_load(int argc, char **argv,	const char *buf, off_t len,
 		command_line_len = strlen(command_line) + 1;
 	}
 
-	if (ramdisk && reuse_initrd)
-		die("Can't specify --ramdisk or --initrd with --reuseinitrd\n");
-
 	fixup_nodes[cur_fixup] = NULL;
 
 	/* Need to append some command line parameters internally in case of
@@ -257,8 +260,7 @@ int elf_ppc_load(int argc, char **argv,	const char *buf, off_t len,
 	/* Parse the Elf file */
 	result = build_elf_exec_info(buf, len, &ehdr, 0);
 	if (result < 0) {
-		free_elf_info(&ehdr);
-		return result;
+		goto out;
 	}
 
 #ifdef WITH_GAMECUBE
@@ -287,8 +289,7 @@ int elf_ppc_load(int argc, char **argv,	const char *buf, off_t len,
 	/* Load the Elf data */
 	result = elf_exec_load(&ehdr, info);
 	if (result < 0) {
-		free_elf_info(&ehdr);
-		return result;
+		goto out;
 	}
 
 	/* If panic kernel is being loaded, additional segments need
@@ -298,20 +299,11 @@ int elf_ppc_load(int argc, char **argv,	const char *buf, off_t len,
 		result = load_crashdump_segments(info, crash_cmdline,
 						max_addr, 0);
 		if (result < 0) {
-			free(crash_cmdline);
-			return -1;
+			result = -1;
+			goto out;
 		}
 	}
 
-	cmdline_buf = xmalloc(COMMAND_LINE_SIZE);
-	memset((void *)cmdline_buf, 0, COMMAND_LINE_SIZE);
-	if (command_line)
-		strncat(cmdline_buf, command_line, command_line_len);
-	if (crash_cmdline)
-		strncat(cmdline_buf, crash_cmdline,
-				sizeof(crash_cmdline) -
-				strlen(crash_cmdline) - 1);
-
 	/*
 	 * In case of a toy we take the hardcoded things and an easy setup via
 	 * one of the assembly startups. Every thing else should be grown up
@@ -345,6 +337,15 @@ int elf_ppc_load(int argc, char **argv,	const char *buf, off_t len,
 
 	info->entry = (void *)arg_base;
 #else
+	cmdline_buf = xmalloc(COMMAND_LINE_SIZE);
+	memset((void *)cmdline_buf, 0, COMMAND_LINE_SIZE);
+	if (command_line)
+		strncat(cmdline_buf, command_line, command_line_len);
+	if (crash_cmdline)
+		strncat(cmdline_buf, crash_cmdline,
+				sizeof(crash_cmdline) -
+				strlen(crash_cmdline) - 1);
+
 	elf_rel_build_load(info, &info->rhdr, (const char *)purgatory,
 			purgatory_size, 0, elf_max_addr(&ehdr), 1, 0);
 
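Review bot: The relocated `strncat` calls keep bounds that do not describe the destination buffer: the first is capped by `command_line_len` (the source length), and the second by `sizeof(crash_cmdline)`, which looks like the size of a pointer, since `crash_cmdline` is handed to `free()` at `out:`. Once `strlen(crash_cmdline)` reaches the pointer size, `sizeof(crash_cmdline) - strlen(crash_cmdline) - 1` wraps to a very large `size_t`, so nothing limits the write into the `COMMAND_LINE_SIZE` allocation. Since the block is being moved anyway, bound both calls by the space left in `cmdline_buf`, e.g. `strncat(cmdline_buf, crash_cmdline, COMMAND_LINE_SIZE - strlen(cmdline_buf) - 1);` and the same form for `command_line`. The declarations of both pointers are outside the hunk, so confirm their types there.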
@@ -358,8 +359,10 @@ int elf_ppc_load(int argc, char **argv,	const char *buf, off_t len,
 		create_flatten_tree(info, (unsigned char **)&blob_buf,
 				(unsigned long *)&blob_size, cmdline_buf);
 	}
-	if (!blob_buf || !blob_size)
-		die("Device tree seems to be an empty file.\n");
+	if (!blob_buf || !blob_size) {
+		error_msg = "Device tree seems to be an empty file.\n";
+		goto out2;
+	}
 
 	/* initial fixup for device tree */
 	blob_buf = fixup_dtb_init(info, blob_buf, &blob_size, kernel_addr, &dtb_addr);
@@ -394,7 +397,8 @@ int elf_ppc_load(int argc, char **argv,	const char *buf, off_t len,
 	dtb_addr_actual = add_buffer(info, blob_buf, blob_size, blob_size, 0, dtb_addr,
 			kernel_addr + KERNEL_ACCESS_TOP, 1);
 	if (dtb_addr_actual != dtb_addr) {
-		die("Error device tree not loadded to address it was expecting to be loaded too!\n");
+		error_msg = "Error device tree not loadded to address it was expecting to be loaded too!\n";
+		goto out2;
 	}
 
 	/* 
@@ -439,7 +443,15 @@ int elf_ppc_load(int argc, char **argv,	const char *buf, off_t len,
 
 	addr = elf_rel_get_addr(&info->rhdr, "purgatory_start");
 	info->entry = (void *)addr;
+
+out2:
+	free(cmdline_buf);
 #endif
+out:
+	free_elf_info(&ehdr);
+	free(crash_cmdline);
+	if (error_msg)
+		die(error_msg);
 
-	return 0;
+	return result;
 }
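Review bot: `die(error_msg)` after the `out:` label passes a variable as the format argument of a printf-style function; prefer `die("%s", error_msg);` so a later message containing `%` is never interpreted as a conversion and `-Wformat-security` stays quiet. Both messages assigned in this patch are literals, so this is hardening rather than a live bug. Separately, the success path now ends in `return result;` instead of `return 0;`, which is only equivalent if `elf_exec_load()` and `load_crashdump_segments()` never return a positive value on success; that is not visible here, so consider setting `result = 0;` once the last fallible call has succeeded. The function body starts outside this hunk.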
-- 
1.7.1

