From: "Nicholas A. Bellinger" <nab@linux-iscsi.org>
To: linux-scsi <linux-scsi@vger.kernel.org>,
James Bottomley <James.Bottomley@HansenPartnership.com>
Cc: Jesper Juhl <jj@chaosbits.net>,
"Nicholas A. Bellinger" <nab@linux-iscsi.org>
Subject: [PATCH 05/31] target/file: Fix memory leak in fd_set_configfs_dev_params().
Date: Wed, 9 Feb 2011 15:34:40 -0800 [thread overview]
Message-ID: <1297294506-23579-6-git-send-email-nab@linux-iscsi.org> (raw)
In-Reply-To: <1297294506-23579-1-git-send-email-nab@linux-iscsi.org>
From: Jesper Juhl <jj@chaosbits.net>
match_strdup() dynamically allocates memory and it is the responsabillity
of the caller to free that memory. In
drivers/target/target_core_file.c::fd_set_configfs_dev_params() two calls
are made to match_strdup() and in neither case is the allocated memory
freed, but instead it is leaked.
This patch should take care of the problem by kfree()'ing the allocated
memory once it is no longer needed. It also makes sure to return -ENOMEM
if the memory allocation in match_strdup() should fail.
Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Signed-off-by: Nicholas A. Bellinger <nab@linux-iscsi.org>
---
drivers/target/target_core_file.c | 13 ++++++++++++-
1 files changed, 12 insertions(+), 1 deletions(-)
diff --git a/drivers/target/target_core_file.c b/drivers/target/target_core_file.c
index 0aaca88..676a010 100644
--- a/drivers/target/target_core_file.c
+++ b/drivers/target/target_core_file.c
@@ -537,15 +537,26 @@ static ssize_t fd_set_configfs_dev_params(
token = match_token(ptr, tokens, args);
switch (token) {
case Opt_fd_dev_name:
+ arg_p = match_strdup(&args[0]);
+ if (!arg_p) {
+ ret = -ENOMEM;
+ break;
+ }
snprintf(fd_dev->fd_dev_name, FD_MAX_DEV_NAME,
- "%s", match_strdup(&args[0]));
+ "%s", arg_p);
+ kfree(arg_p);
printk(KERN_INFO "FILEIO: Referencing Path: %s\n",
fd_dev->fd_dev_name);
fd_dev->fbd_flags |= FBDF_HAS_PATH;
break;
case Opt_fd_dev_size:
arg_p = match_strdup(&args[0]);
+ if (!arg_p) {
+ ret = -ENOMEM;
+ break;
+ }
ret = strict_strtoull(arg_p, 0, &fd_dev->fd_dev_size);
+ kfree(arg_p);
if (ret < 0) {
printk(KERN_ERR "strict_strtoull() failed for"
" fd_dev_size=\n");
--
1.7.4
next prev parent reply other threads:[~2011-02-09 23:35 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-02-09 23:34 [PATCH 00/31] target: mainline updates for .38-rc5 Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 01/31] target: iblock/pscsi claim checking for NULL instead of IS_ERR Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 02/31] target: fix dubious one-bit signed bitfield Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 03/31] target/iblock: Fix failed bd claim NULL pointer dereference Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 04/31] target: Fix memory leak on error path Nicholas A. Bellinger
2011-02-09 23:34 ` Nicholas A. Bellinger [this message]
2011-02-09 23:34 ` [PATCH 06/31] target/iblock: Fix memory leak in iblock_set_configfs_dev_params Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 07/31] target: Fix memory leaks in target_core_dev_pr_store_attr_res_aptpl_metadata Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 08/31] target: Fix demo-mode MappedLUN shutdown UA/PR breakage Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 09/31] target: Release left-over demo-mode NodeACLs w/ tfo->tpg_check_demo_mode_cache()=1 Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 10/31] target: tcm_mod_builder.py generated Makefile cleanups Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 11/31] target: do not include target_core_mib.h under include/target Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 12/31] target: Convert backend ->create_virtdevice() call to return ERR_PTR Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 13/31] target: Drop nacl->device_list_lock on core_update_device_list_for_node failure Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 14/31] target: Convert rd_build_device_space() to use errno Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 15/31] target: Convert TMR REQ/RSP definitions to target namespace Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 16/31] target core v4.0.0-rc7 Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 17/31] target: Avoid mem leak and needless work in transport_generic_get_mem Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 18/31] target: Fix top-level configfs_subsystem default_group shutdown breakage Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 19/31] target: Move core_delete_hba() into ->release() callback Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 20/31] target: Move subdev release logic " Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 21/31] target: Move core_alua_free_lu_gp() " Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 22/31] target: Move core_alua_free_tg_pt_gp() " Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 23/31] target: Move fabric dependent struct se_wwn free " Nicholas A. Bellinger
2011-02-09 23:34 ` [PATCH 24/31] target: Move fabric dependent se_portal_group " Nicholas A. Bellinger
2011-02-09 23:35 ` [PATCH 25/31] target: Move fabric dependent se_node_acl free into ->release callback() Nicholas A. Bellinger
2011-02-09 23:35 ` [PATCH 26/31] target: Move fabric dependent struct se_tpg_np free into ->release() callback Nicholas A. Bellinger
2011-02-09 23:35 ` [PATCH 27/31] target: Move fabric independent se_lun_acl " Nicholas A. Bellinger
2011-02-09 23:35 ` [PATCH 28/31] target: Remove procfs based target_core_mib.c code Nicholas A. Bellinger
2011-02-09 23:35 ` [PATCH 29/31] target: Fix SCF_SCSI_CONTROL_SG_IO_CDB breakage Nicholas A. Bellinger
2011-02-09 23:35 ` [PATCH 30/31] target: Fix bogus return in transport_add_device_to_core_hba failure path Nicholas A. Bellinger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1297294506-23579-6-git-send-email-nab@linux-iscsi.org \
--to=nab@linux-iscsi.org \
--cc=James.Bottomley@HansenPartnership.com \
--cc=jj@chaosbits.net \
--cc=linux-scsi@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).