From: Mike Snitzer <snitzer@redhat.com>
To: Jesper Juhl <jj@chaosbits.net>
Cc: dm-devel@redhat.com, linux-kernel@vger.kernel.org,
linux-raid@vger.kernel.org
Subject: Re: [PATCH][rfc] md: Close mem leak in userspace_ctr()
Date: Tue, 14 Dec 2010 17:18:16 -0500 [thread overview]
Message-ID: <20101214221816.GA14227@redhat.com> (raw)
In-Reply-To: <alpine.LNX.2.00.1012140034300.26491@swampdragon.chaosbits.net>
On Mon, Dec 13 2010 at 6:40pm -0500,
Jesper Juhl <jj@chaosbits.net> wrote:
> Hi,
>
> There's a small memory leak in
> drivers/md/dm-log-userspace-base.c::userspace_ctr().
>
> The call to build_constructor_string() dynamically allocates memory for
> its last argument, but we do not always clean up that allocated memory.
I'm not seeing a leak.
The kfree() that you've added to the build_constructor_string() failure
path isn't needed because build_constructor_string() only returns error
if the kzalloc() failed.
Mike
> diff --git a/drivers/md/dm-log-userspace-base.c b/drivers/md/dm-log-userspace-base.c
> index 1ed0094..71a3049 100644
> --- a/drivers/md/dm-log-userspace-base.c
> +++ b/drivers/md/dm-log-userspace-base.c
> @@ -99,26 +99,22 @@ static int build_constructor_string(struct dm_target *ti,
> char **ctr_str)
> {
> int i, str_size;
> - char *str = NULL;
> -
> - *ctr_str = NULL;
>
> for (i = 0, str_size = 0; i < argc; i++)
> str_size += strlen(argv[i]) + 1; /* +1 for space between args */
>
> str_size += 20; /* Max number of chars in a printed u64 number */
>
> - str = kzalloc(str_size, GFP_KERNEL);
> - if (!str) {
> + *ctr_str = kzalloc(str_size, GFP_KERNEL);
> + if (!*ctr_str) {
> DMWARN("Unable to allocate memory for constructor string");
> return -ENOMEM;
> }
>
> - str_size = sprintf(str, "%llu", (unsigned long long)ti->len);
> + str_size = sprintf(*ctr_str, "%llu", (unsigned long long)ti->len);
> for (i = 0; i < argc; i++)
> - str_size += sprintf(str + str_size, " %s", argv[i]);
> + str_size += sprintf(*ctr_str + str_size, " %s", argv[i]);
>
> - *ctr_str = str;
> return str_size;
> }
>
> @@ -140,7 +136,7 @@ static int userspace_ctr(struct dm_dirty_log *log, struct dm_target *ti,
> {
> int r = 0;
> int str_size;
> - char *ctr_str = NULL;
> + char *ctr_str;
> struct log_c *lc = NULL;
> uint64_t rdata;
> size_t rdata_size = sizeof(rdata);
> @@ -173,6 +169,7 @@ static int userspace_ctr(struct dm_dirty_log *log, struct dm_target *ti,
>
> str_size = build_constructor_string(ti, argc - 1, argv + 1, &ctr_str);
> if (str_size < 0) {
> + kfree(ctr_str);
> kfree(lc);
> return str_size;
> }
next prev parent reply other threads:[~2010-12-14 22:18 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-13 23:40 [PATCH][rfc] md: Close mem leak in userspace_ctr() Jesper Juhl
2010-12-14 22:18 ` Mike Snitzer [this message]
2010-12-17 12:18 ` Jesper Juhl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101214221816.GA14227@redhat.com \
--to=snitzer@redhat.com \
--cc=dm-devel@redhat.com \
--cc=jj@chaosbits.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-raid@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).