[PATCH] block: rbd: fixed may leaks

public inbox for kernel-janitors@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] block: rbd: fixed may leaks
@ 2010-09-26  8:59 Vasiliy Kulikov
  2010-09-27 17:47 ` Yehuda Sadeh Weinraub
  0 siblings, 1 reply; 2+ messages in thread
From: Vasiliy Kulikov @ 2010-09-26  8:59 UTC (permalink / raw)
  To: kernel-janitors; +Cc: Yehuda Sadeh, Sage Weil, ceph-devel, linux-kernel

rbd_client_create() doesn't free rbdc, this leads to many leaks.

seg_len in rbd_do_op() is unsigned, so (seg_len < 0) makes no sense.
Also if fixed check fails then seg_name is leaked.
---
 Compile tested.

 drivers/block/rbd.c |   14 ++++++++------
 1 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/drivers/block/rbd.c b/drivers/block/rbd.c
index c42f305..83b15dd 100644
--- a/drivers/block/rbd.c
+++ b/drivers/block/rbd.c
@@ -241,6 +241,7 @@ static struct rbd_client *rbd_client_create(struct ceph_options *opt)
 	rbdc->client = ceph_create_client(opt, rbdc);
 	if (IS_ERR(rbdc->client))
 		goto out_rbdc;
+	opt = NULL; /* Now rbdc->client is responsible for opt */
 
 	ret = ceph_open_session(rbdc->client);
 	if (ret < 0)
@@ -255,13 +256,12 @@ static struct rbd_client *rbd_client_create(struct ceph_options *opt)
 
 out_err:
 	ceph_destroy_client(rbdc->client);
-	return ERR_PTR(ret);
-
 out_rbdc:
 	kfree(rbdc);
 out_opt:
-	ceph_destroy_options(opt);
-	return ERR_PTR(-ENOMEM);
+	if (opt)
+		ceph_destroy_options(opt);
+	return ERR_PTR(ret);
 }
 
 /*
@@ -889,8 +889,10 @@ static int rbd_do_op(struct request *rq,
 				  rbd_dev->header.block_name,
 				  ofs, len,
 				  seg_name, &seg_ofs);
-	if (seg_len < 0)
-		return seg_len;
+	if ((s64)seg_len < 0) {
+		ret = seg_len;
+		goto done;
+	}
 
 	payload_len = (flags & CEPH_OSD_FLAG_WRITE ? seg_len : 0);
 
-- 
1.7.0.4


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] block: rbd: fixed may leaks
  2010-09-26  8:59 [PATCH] block: rbd: fixed may leaks Vasiliy Kulikov
@ 2010-09-27 17:47 ` Yehuda Sadeh Weinraub
  0 siblings, 0 replies; 2+ messages in thread
From: Yehuda Sadeh Weinraub @ 2010-09-27 17:47 UTC (permalink / raw)
  To: Vasiliy Kulikov; +Cc: kernel-janitors, Sage Weil, ceph-devel, linux-kernel

On Sun, Sep 26, 2010 at 1:59 AM, Vasiliy Kulikov <segooon@gmail.com> wrote:
> rbd_client_create() doesn't free rbdc, this leads to many leaks.
>
> seg_len in rbd_do_op() is unsigned, so (seg_len < 0) makes no sense.
> Also if fixed check fails then seg_name is leaked.
> ---

Pushed to our unstable tree. Added missing signed-off by.

Thanks,
Yehuda

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2010-09-27 17:47 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-09-26  8:59 [PATCH] block: rbd: fixed may leaks Vasiliy Kulikov
2010-09-27 17:47 ` Yehuda Sadeh Weinraub

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox