* Memleak in e100 driver
@ 2003-03-12 18:58 Oleg Drokin
0 siblings, 0 replies; only message in thread
From: Oleg Drokin @ 2003-03-12 18:58 UTC (permalink / raw)
To: scott.feldman, alan, torvalds, linux-kernel
Hello!
There is a memleak in e100 driver from intel, both in 2.4 and 2.5
e100_ethtool_gstrings does not free "strings" variable if it cannot
copy it to userspace.
See the patch (identical for both 2.4 and 2.5).
Found with help of smatch + enhanced unfree script.
Bye,
Oleg
===== drivers/net/e100/e100_main.c 1.23 vs edited =====
--- 1.23/drivers/net/e100/e100_main.c Sat Feb 1 22:38:18 2003
+++ edited/drivers/net/e100/e100_main.c Wed Mar 12 21:50:32 2003
@@ -3824,11 +3824,15 @@
return -EOPNOTSUPP;
}
- if (copy_to_user(ifr->ifr_data, &info, sizeof (info)))
+ if (copy_to_user(ifr->ifr_data, &info, sizeof (info))) {
+ kfree(strings);
return -EFAULT;
+ }
- if (copy_to_user(usr_strings, strings, info.len * ETH_GSTRING_LEN))
+ if (copy_to_user(usr_strings, strings, info.len * ETH_GSTRING_LEN)) {
+ kfree(strings);
return -EFAULT;
+ }
kfree(strings);
return 0;
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2003-03-12 18:48 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-03-12 18:58 Memleak in e100 driver Oleg Drokin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox