[PATCH 1/2] staging: tidspbridge: fix bridge_open memory leaks

linux-omap.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Omar Ramirez Luna <omar.ramirez@ti.com>
To: Greg Kroah-Hartman <gregkh@suse.de>
Cc: Omar Ramirez Luna <omar.ramirez@ti.com>,
	Felipe Contreras <felipe.contreras@gmail.com>,
	devel@driverdev.osuosl.org, linux-omap@vger.kernel.org
Subject: [PATCH 1/2] staging: tidspbridge: fix bridge_open memory leaks
Date: Mon, 30 Jan 2012 19:20:17 -0600	[thread overview]
Message-ID: <1327972818-30993-2-git-send-email-omar.ramirez@ti.com> (raw)
In-Reply-To: <1327972818-30993-1-git-send-email-omar.ramirez@ti.com>

There are two members of pr_ctxt allocated during bridge_open that
are never freed resulting in memory leaks, these are stream_id and
node_id, they are now freed on release of the handle (bridge_release)
right before freeing pr_ctxt.

Error path for bridge_open was also fixed since the same variables
could result in memory leaking due to missing handling of failure
scenarios. While at it, the indentation changes were introduced to
avoid interleaved goto statements inside big if blocks.

Signed-off-by: Omar Ramirez Luna <omar.ramirez@ti.com>
---
 drivers/staging/tidspbridge/rmgr/drv_interface.c |   55 +++++++++++++---------
 1 files changed, 32 insertions(+), 23 deletions(-)

diff --git a/drivers/staging/tidspbridge/rmgr/drv_interface.c b/drivers/staging/tidspbridge/rmgr/drv_interface.c
index 76cfc6e..8bac511 100644
--- a/drivers/staging/tidspbridge/rmgr/drv_interface.c
+++ b/drivers/staging/tidspbridge/rmgr/drv_interface.c
@@ -500,35 +500,42 @@ static int bridge_open(struct inode *ip, struct file *filp)
 	}
 #endif
 	pr_ctxt = kzalloc(sizeof(struct process_context), GFP_KERNEL);
-	if (pr_ctxt) {
-		pr_ctxt->res_state = PROC_RES_ALLOCATED;
-		spin_lock_init(&pr_ctxt->dmm_map_lock);
-		INIT_LIST_HEAD(&pr_ctxt->dmm_map_list);
-		spin_lock_init(&pr_ctxt->dmm_rsv_lock);
-		INIT_LIST_HEAD(&pr_ctxt->dmm_rsv_list);
-
-		pr_ctxt->node_id = kzalloc(sizeof(struct idr), GFP_KERNEL);
-		if (pr_ctxt->node_id) {
-			idr_init(pr_ctxt->node_id);
-		} else {
-			status = -ENOMEM;
-			goto err;
-		}
+	if (!pr_ctxt)
+		return -ENOMEM;
+
+	pr_ctxt->res_state = PROC_RES_ALLOCATED;
+	spin_lock_init(&pr_ctxt->dmm_map_lock);
+	INIT_LIST_HEAD(&pr_ctxt->dmm_map_list);
+	spin_lock_init(&pr_ctxt->dmm_rsv_lock);
+	INIT_LIST_HEAD(&pr_ctxt->dmm_rsv_list);
 
-		pr_ctxt->stream_id = kzalloc(sizeof(struct idr), GFP_KERNEL);
-		if (pr_ctxt->stream_id)
-			idr_init(pr_ctxt->stream_id);
-		else
-			status = -ENOMEM;
-	} else {
+	pr_ctxt->node_id = kzalloc(sizeof(struct idr), GFP_KERNEL);
+	if (!pr_ctxt->node_id) {
 		status = -ENOMEM;
+		goto err1;
 	}
-err:
+
+	idr_init(pr_ctxt->node_id);
+
+	pr_ctxt->stream_id = kzalloc(sizeof(struct idr), GFP_KERNEL);
+	if (!pr_ctxt->stream_id) {
+		status = -ENOMEM;
+		goto err2;
+	}
+
+	idr_init(pr_ctxt->stream_id);
+
 	filp->private_data = pr_ctxt;
+
 #ifdef CONFIG_TIDSPBRIDGE_RECOVERY
-	if (!status)
-		atomic_inc(&bridge_cref);
+	atomic_inc(&bridge_cref);
 #endif
+	return 0;
+
+err2:
+	kfree(pr_ctxt->node_id);
+err1:
+	kfree(pr_ctxt);
 	return status;
 }
 
@@ -550,6 +557,8 @@ static int bridge_release(struct inode *ip, struct file *filp)
 	flush_signals(current);
 	drv_remove_all_resources(pr_ctxt);
 	proc_detach(pr_ctxt);
+	kfree(pr_ctxt->node_id);
+	kfree(pr_ctxt->stream_id);
 	kfree(pr_ctxt);
 
 	filp->private_data = NULL;
-- 
1.7.4.1

next prev parent reply	other threads:[~2012-01-31  1:20 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-01-31  1:20 [PATCH 0/2] staging: tidspbridge: memory leak fixes Omar Ramirez Luna
2012-01-31  1:20 ` Omar Ramirez Luna [this message]
2012-01-31  8:17   ` [PATCH 1/2] staging: tidspbridge: fix bridge_open memory leaks Dan Carpenter
2012-01-31 18:09     ` Omar Ramirez Luna
2012-01-31 18:40       ` Dan Carpenter
2012-01-31  1:20 ` [PATCH 2/2] staging: tidspbridge: fix incorrect free to drv_datap Omar Ramirez Luna
2012-01-31  8:21   ` Dan Carpenter
2012-01-31 18:19     ` Ramirez Luna, Omar
2012-01-31 18:43       ` Dan Carpenter
2012-01-31 19:39         ` Felipe Contreras
2012-02-01  6:58           ` Dan Carpenter
2012-02-01  7:27             ` Felipe Contreras

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:76cfc6e dfblob:8bac511 )
 OR (
bs:"[PATCH 1/2] staging: tidspbridge: fix bridge_open memory leaks" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1327972818-30993-2-git-send-email-omar.ramirez@ti.com \
    --to=omar.ramirez@ti.com \
    --cc=devel@driverdev.osuosl.org \
    --cc=felipe.contreras@gmail.com \
    --cc=gregkh@suse.de \
    --cc=linux-omap@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).