From: Zhang Yanfei <zhangyanfei.yes@gmail.com>
To: Simon Horman <horms@verge.net.au>
Cc: "kexec@lists.infradead.org" <kexec@lists.infradead.org>
Subject: [PATCH 07/13] kexec: ppc: elf: fix possible memory leak in elf_ppc_load
Date: Mon, 25 Mar 2013 23:12:51 +0800 [thread overview]
Message-ID: <51506973.7050301@gmail.com> (raw)
In-Reply-To: <51506758.4070902@gmail.com>
From: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
In elf_ppc_load, allocated memory may not be free'd if the code
exits abnormally, by calling die() or return. So the patch fixes
the possible memory leak.
This patch is also a preparation for patch08.
Signed-off-by: Zhang Yanfei <zhangyanfei@cn.fujitsu.com>
---
kexec/arch/ppc/kexec-elf-ppc.c | 56 ++++++++++++++++++++++++---------------
1 files changed, 34 insertions(+), 22 deletions(-)
diff --git a/kexec/arch/ppc/kexec-elf-ppc.c b/kexec/arch/ppc/kexec-elf-ppc.c
index 65a65cc..1eb3a62 100644
--- a/kexec/arch/ppc/kexec-elf-ppc.c
+++ b/kexec/arch/ppc/kexec-elf-ppc.c
@@ -159,6 +159,7 @@ int elf_ppc_load(int argc, char **argv, const char *buf, off_t len,
int command_line_len;
char *dtb;
int result;
+ char *error_msg;
unsigned long max_addr, hole_addr;
struct mem_phdr *phdr;
size_t size;
@@ -196,6 +197,8 @@ int elf_ppc_load(int argc, char **argv, const char *buf, off_t len,
hole_addr = 0;
kernel_addr = 0;
ramdisk = 0;
+ result = 0;
+ error_msg = NULL;
while ((opt = getopt_long(argc, argv, short_options, options, 0)) != -1) {
switch (opt) {
@@ -232,6 +235,9 @@ int elf_ppc_load(int argc, char **argv, const char *buf, off_t len,
}
}
+ if (ramdisk && reuse_initrd)
+ die("Can't specify --ramdisk or --initrd with --reuseinitrd\n");
+
command_line_len = 0;
if (command_line) {
command_line_len = strlen(command_line) + 1;
@@ -240,9 +246,6 @@ int elf_ppc_load(int argc, char **argv, const char *buf, off_t len,
command_line_len = strlen(command_line) + 1;
}
- if (ramdisk && reuse_initrd)
- die("Can't specify --ramdisk or --initrd with --reuseinitrd\n");
-
fixup_nodes[cur_fixup] = NULL;
/* Need to append some command line parameters internally in case of
@@ -257,8 +260,7 @@ int elf_ppc_load(int argc, char **argv, const char *buf, off_t len,
/* Parse the Elf file */
result = build_elf_exec_info(buf, len, &ehdr, 0);
if (result < 0) {
- free_elf_info(&ehdr);
- return result;
+ goto out;
}
#ifdef WITH_GAMECUBE
@@ -287,8 +289,7 @@ int elf_ppc_load(int argc, char **argv, const char *buf, off_t len,
/* Load the Elf data */
result = elf_exec_load(&ehdr, info);
if (result < 0) {
- free_elf_info(&ehdr);
- return result;
+ goto out;
}
/* If panic kernel is being loaded, additional segments need
@@ -298,20 +299,11 @@ int elf_ppc_load(int argc, char **argv, const char *buf, off_t len,
result = load_crashdump_segments(info, crash_cmdline,
max_addr, 0);
if (result < 0) {
- free(crash_cmdline);
- return -1;
+ result = -1;
+ goto out;
}
}
- cmdline_buf = xmalloc(COMMAND_LINE_SIZE);
- memset((void *)cmdline_buf, 0, COMMAND_LINE_SIZE);
- if (command_line)
- strncat(cmdline_buf, command_line, command_line_len);
- if (crash_cmdline)
- strncat(cmdline_buf, crash_cmdline,
- sizeof(crash_cmdline) -
- strlen(crash_cmdline) - 1);
-
/*
* In case of a toy we take the hardcoded things and an easy setup via
* one of the assembly startups. Every thing else should be grown up
@@ -345,6 +337,15 @@ int elf_ppc_load(int argc, char **argv, const char *buf, off_t len,
info->entry = (void *)arg_base;
#else
+ cmdline_buf = xmalloc(COMMAND_LINE_SIZE);
+ memset((void *)cmdline_buf, 0, COMMAND_LINE_SIZE);
+ if (command_line)
+ strncat(cmdline_buf, command_line, command_line_len);
+ if (crash_cmdline)
+ strncat(cmdline_buf, crash_cmdline,
+ sizeof(crash_cmdline) -
+ strlen(crash_cmdline) - 1);
+
elf_rel_build_load(info, &info->rhdr, (const char *)purgatory,
purgatory_size, 0, elf_max_addr(&ehdr), 1, 0);
@@ -358,8 +359,10 @@ int elf_ppc_load(int argc, char **argv, const char *buf, off_t len,
create_flatten_tree(info, (unsigned char **)&blob_buf,
(unsigned long *)&blob_size, cmdline_buf);
}
- if (!blob_buf || !blob_size)
- die("Device tree seems to be an empty file.\n");
+ if (!blob_buf || !blob_size) {
+ error_msg = "Device tree seems to be an empty file.\n";
+ goto out2;
+ }
/* initial fixup for device tree */
blob_buf = fixup_dtb_init(info, blob_buf, &blob_size, kernel_addr, &dtb_addr);
@@ -394,7 +397,8 @@ int elf_ppc_load(int argc, char **argv, const char *buf, off_t len,
dtb_addr_actual = add_buffer(info, blob_buf, blob_size, blob_size, 0, dtb_addr,
kernel_addr + KERNEL_ACCESS_TOP, 1);
if (dtb_addr_actual != dtb_addr) {
- die("Error device tree not loadded to address it was expecting to be loaded too!\n");
+ error_msg = "Error device tree not loadded to address it was expecting to be loaded too!\n";
+ goto out2;
}
/*
@@ -439,7 +443,15 @@ int elf_ppc_load(int argc, char **argv, const char *buf, off_t len,
addr = elf_rel_get_addr(&info->rhdr, "purgatory_start");
info->entry = (void *)addr;
+
+out2:
+ free(cmdline_buf);
#endif
+out:
+ free_elf_info(&ehdr);
+ free(crash_cmdline);
+ if (error_msg)
+ die(error_msg);
- return 0;
+ return result;
}
--
1.7.1
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
next prev parent reply other threads:[~2013-03-25 15:12 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-25 15:03 [PATCH 01/13] kexec: fix possible memory leak in check_reuse_initrd Zhang Yanfei
2013-03-25 15:05 ` [PATCH 02/13] kexec: i386: bzImage: fix memory leak caused by get_command_line Zhang Yanfei
2013-03-27 12:36 ` Simon Horman
2013-03-25 15:07 ` [PATCH 03/13] kexec: i386: elf: fix possible memory leak in elf_x86_load Zhang Yanfei
2013-03-25 15:09 ` [PATCH 04/13] kexec: i386: elf: fix memory leak caused by get_command_line Zhang Yanfei
2013-03-27 12:37 ` Simon Horman
2013-03-27 12:36 ` [PATCH 03/13] kexec: i386: elf: fix possible memory leak in elf_x86_load Simon Horman
2013-03-25 15:10 ` [PATCH 05/13] kexec: i386: multiboot: fix possible memory leak in multiboot_x86_load Zhang Yanfei
2013-03-27 12:38 ` Simon Horman
2013-03-25 15:11 ` [PATCH 06/13] kexec: i386: multiboot: fix memory leak caused by get_command_line Zhang Yanfei
2013-03-27 12:38 ` Simon Horman
2013-03-25 15:12 ` Zhang Yanfei [this message]
2013-03-27 12:40 ` [PATCH 07/13] kexec: ppc: elf: fix possible memory leak in elf_ppc_load Simon Horman
2013-03-25 15:13 ` [PATCH 08/13] kexec: ppc: elf: fix memory leak caused by get_command_line Zhang Yanfei
2013-03-27 12:40 ` Simon Horman
2013-03-25 15:15 ` [PATCH 09/13] kexec: ppc: uImage: fix possible memory leak in ppc_load_bare_bits Zhang Yanfei
2013-03-27 12:41 ` Simon Horman
2013-03-25 15:15 ` [PATCH 10/13] kexec: ppc: uImage: fix memory leak caused by get_command_line Zhang Yanfei
2013-03-27 12:41 ` Simon Horman
2013-03-25 15:16 ` [PATCH 11/13] kexec: x86_64: bzImage64: " Zhang Yanfei
2013-03-27 12:41 ` Simon Horman
2013-03-25 15:17 ` [PATCH 12/13] kexec: x86_64: elf: " Zhang Yanfei
2013-03-27 12:42 ` Simon Horman
2013-03-25 15:18 ` [PATCH 13/13] kexec: x86_64: elf: fix possible memory leak in elf_x86_64_load Zhang Yanfei
2013-03-27 12:42 ` Simon Horman
2013-03-27 12:35 ` [PATCH 01/13] kexec: fix possible memory leak in check_reuse_initrd Simon Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51506973.7050301@gmail.com \
--to=zhangyanfei.yes@gmail.com \
--cc=horms@verge.net.au \
--cc=kexec@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox