Re: [PATCH] aironet4500_cs.c kmalloc checking

From: Bill Wendling (wendling@ganymede.isdn.uiuc.edu)
Date: Tue Aug 08 2000 - 14:39:08 EST

Also sprach Arnaldo Carvalho de Melo:
} Hi,
}
} Please apply this patch.
}
} - Arnaldo
}
} --- linux-2.4.0-test6-pre8/drivers/net/pcmcia/aironet4500_cs.c Fri Jul 28 06:34:44 2000
} +++ linux-2.4.0-test6-pre8.acme/drivers/net/pcmcia/aironet4500_cs.c Tue Aug 8 11:28:40 2000

[snip]

} @@ -177,8 +180,17 @@
}
} /* Create the PC card device object. */
} link = kmalloc(sizeof(struct dev_link_t), GFP_KERNEL);
} - memset(link, 0, sizeof(struct dev_link_t));
} + if (!link)
} + return NULL;
} +
} link->dev = kmalloc(sizeof(struct dev_node_t), GFP_KERNEL);
} +
} + if (!link->dev) {
} + kfree(link);
} + return NULL;
} + }
} +
} + memset(link, 0, sizeof(struct dev_link_t));
} memset(link->dev, 0, sizeof(struct dev_node_t));
}
Are you sure this is correct? You are zeroing out the link structure
(which includes the kmalloc'ed link->dev pointer) and then trying to zero
out the link->dev pointer. It's a memory leak and NULL pointer reference.
How about this instead:

        link = kmalloc(sizeof(struct dev_link_t), GFP_KERNEL);

        if (!link)
                return NULL;

        memset(link, 0, sizeof(struct dev_link_t));
        link->dev = kmalloc(sizeof(struct dev_node_t), GFP_KERNEL);

        if (!link->dev) {
                kfree(link);
                return NULL;
        }

        memset(link->dev, 0, sizeof(struct dev_node_t));

} // dev = init_etherdev(0, sizeof(struct awc_private) );
   ^^ C++ style comments...blech! :) 

-- 
|| Bill Wendling			wendling@ganymede.isdn.uiuc.edu

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

This archive was generated by hypermail 2b29 : Tue Aug 15 2000 - 21:00:15 EST