* [PATCH] net: qrtr: Fix memory leak on qrtr_tx_wait failure
@ 2021-03-30 14:11 Loic Poulain
2021-03-30 15:15 ` Bjorn Andersson
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Loic Poulain @ 2021-03-30 14:11 UTC (permalink / raw)
To: manivannan.sadhasivam; +Cc: netdev, bjorn.andersson, kuba, davem, Loic Poulain
qrtr_tx_wait does not check for radix_tree_insert failure, causing
the 'flow' object to be unreferenced after qrtr_tx_wait return. Fix
that by releasing flow on radix_tree_insert failure.
Fixes: 5fdeb0d372ab ("net: qrtr: Implement outgoing flow control")
Reported-by: syzbot+739016799a89c530b32a@syzkaller.appspotmail.com
Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
---
net/qrtr/qrtr.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/net/qrtr/qrtr.c b/net/qrtr/qrtr.c
index f4ab3ca6..a01b50c7 100644
--- a/net/qrtr/qrtr.c
+++ b/net/qrtr/qrtr.c
@@ -271,7 +271,10 @@ static int qrtr_tx_wait(struct qrtr_node *node, int dest_node, int dest_port,
flow = kzalloc(sizeof(*flow), GFP_KERNEL);
if (flow) {
init_waitqueue_head(&flow->resume_tx);
- radix_tree_insert(&node->qrtr_tx_flow, key, flow);
+ if (radix_tree_insert(&node->qrtr_tx_flow, key, flow)) {
+ kfree(flow);
+ flow = NULL;
+ }
}
}
mutex_unlock(&node->qrtr_tx_lock);
--
2.7.4
^ permalink raw reply related [flat|nested] 4+ messages in thread* Re: [PATCH] net: qrtr: Fix memory leak on qrtr_tx_wait failure
2021-03-30 14:11 [PATCH] net: qrtr: Fix memory leak on qrtr_tx_wait failure Loic Poulain
@ 2021-03-30 15:15 ` Bjorn Andersson
2021-03-30 17:09 ` Manivannan Sadhasivam
2021-03-30 20:50 ` patchwork-bot+netdevbpf
2 siblings, 0 replies; 4+ messages in thread
From: Bjorn Andersson @ 2021-03-30 15:15 UTC (permalink / raw)
To: Loic Poulain; +Cc: manivannan.sadhasivam, netdev, kuba, davem
On Tue 30 Mar 09:11 CDT 2021, Loic Poulain wrote:
> qrtr_tx_wait does not check for radix_tree_insert failure, causing
> the 'flow' object to be unreferenced after qrtr_tx_wait return. Fix
> that by releasing flow on radix_tree_insert failure.
>
> Fixes: 5fdeb0d372ab ("net: qrtr: Implement outgoing flow control")
> Reported-by: syzbot+739016799a89c530b32a@syzkaller.appspotmail.com
> Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org>
Regards,
Bjorn
> ---
> net/qrtr/qrtr.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/net/qrtr/qrtr.c b/net/qrtr/qrtr.c
> index f4ab3ca6..a01b50c7 100644
> --- a/net/qrtr/qrtr.c
> +++ b/net/qrtr/qrtr.c
> @@ -271,7 +271,10 @@ static int qrtr_tx_wait(struct qrtr_node *node, int dest_node, int dest_port,
> flow = kzalloc(sizeof(*flow), GFP_KERNEL);
> if (flow) {
> init_waitqueue_head(&flow->resume_tx);
> - radix_tree_insert(&node->qrtr_tx_flow, key, flow);
> + if (radix_tree_insert(&node->qrtr_tx_flow, key, flow)) {
> + kfree(flow);
> + flow = NULL;
> + }
> }
> }
> mutex_unlock(&node->qrtr_tx_lock);
> --
> 2.7.4
>
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH] net: qrtr: Fix memory leak on qrtr_tx_wait failure
2021-03-30 14:11 [PATCH] net: qrtr: Fix memory leak on qrtr_tx_wait failure Loic Poulain
2021-03-30 15:15 ` Bjorn Andersson
@ 2021-03-30 17:09 ` Manivannan Sadhasivam
2021-03-30 20:50 ` patchwork-bot+netdevbpf
2 siblings, 0 replies; 4+ messages in thread
From: Manivannan Sadhasivam @ 2021-03-30 17:09 UTC (permalink / raw)
To: Loic Poulain; +Cc: netdev, bjorn.andersson, kuba, davem
On Tue, Mar 30, 2021 at 04:11:08PM +0200, Loic Poulain wrote:
> qrtr_tx_wait does not check for radix_tree_insert failure, causing
> the 'flow' object to be unreferenced after qrtr_tx_wait return. Fix
> that by releasing flow on radix_tree_insert failure.
>
> Fixes: 5fdeb0d372ab ("net: qrtr: Implement outgoing flow control")
> Reported-by: syzbot+739016799a89c530b32a@syzkaller.appspotmail.com
> Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
Reviewed-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Thanks,
Mani
> ---
> net/qrtr/qrtr.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/net/qrtr/qrtr.c b/net/qrtr/qrtr.c
> index f4ab3ca6..a01b50c7 100644
> --- a/net/qrtr/qrtr.c
> +++ b/net/qrtr/qrtr.c
> @@ -271,7 +271,10 @@ static int qrtr_tx_wait(struct qrtr_node *node, int dest_node, int dest_port,
> flow = kzalloc(sizeof(*flow), GFP_KERNEL);
> if (flow) {
> init_waitqueue_head(&flow->resume_tx);
> - radix_tree_insert(&node->qrtr_tx_flow, key, flow);
> + if (radix_tree_insert(&node->qrtr_tx_flow, key, flow)) {
> + kfree(flow);
> + flow = NULL;
> + }
> }
> }
> mutex_unlock(&node->qrtr_tx_lock);
> --
> 2.7.4
>
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH] net: qrtr: Fix memory leak on qrtr_tx_wait failure
2021-03-30 14:11 [PATCH] net: qrtr: Fix memory leak on qrtr_tx_wait failure Loic Poulain
2021-03-30 15:15 ` Bjorn Andersson
2021-03-30 17:09 ` Manivannan Sadhasivam
@ 2021-03-30 20:50 ` patchwork-bot+netdevbpf
2 siblings, 0 replies; 4+ messages in thread
From: patchwork-bot+netdevbpf @ 2021-03-30 20:50 UTC (permalink / raw)
To: Loic Poulain; +Cc: manivannan.sadhasivam, netdev, bjorn.andersson, kuba, davem
Hello:
This patch was applied to netdev/net.git (refs/heads/master):
On Tue, 30 Mar 2021 16:11:08 +0200 you wrote:
> qrtr_tx_wait does not check for radix_tree_insert failure, causing
> the 'flow' object to be unreferenced after qrtr_tx_wait return. Fix
> that by releasing flow on radix_tree_insert failure.
>
> Fixes: 5fdeb0d372ab ("net: qrtr: Implement outgoing flow control")
> Reported-by: syzbot+739016799a89c530b32a@syzkaller.appspotmail.com
> Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
>
> [...]
Here is the summary with links:
- net: qrtr: Fix memory leak on qrtr_tx_wait failure
https://git.kernel.org/netdev/net/c/8a03dd925786
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-03-30 20:50 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-03-30 14:11 [PATCH] net: qrtr: Fix memory leak on qrtr_tx_wait failure Loic Poulain
2021-03-30 15:15 ` Bjorn Andersson
2021-03-30 17:09 ` Manivannan Sadhasivam
2021-03-30 20:50 ` patchwork-bot+netdevbpf
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).