Re: [RESEND PATCH] cpufreq: unnecesary double free inpcc_cpufreq_do_osc
From: David Rientjes
Date: Thu Sep 30 2010 - 16:06:33 EST
On Thu, 30 Sep 2010, Pekka Enberg wrote:
> From 8b18a51077c9e5b36d54a5e45f9058eb3aae2477 Mon Sep 17 00:00:00 2001
> From: Pekka Enberg <penberg@xxxxxxxxxxxxxx>
> Date: Thu, 30 Sep 2010 22:57:33 +0300
> Subject: [PATCH] x86, cpufreq: Fix pcc_cpufreq_do_osc() memory leaks
>
> If acpi_evaluate_object() function call doesn't fail, we must kfree()
> output.buffer before returning from pcc_cpufreq_do_osc().
>
> Signed-off-by: Pekka Enberg <penberg@xxxxxxxxxxxxxx>
Acked-by: David Rientjes <rientjes@xxxxxxxxxx>
> ---
> arch/x86/kernel/cpu/cpufreq/pcc-cpufreq.c | 18 ++++++++++++------
> 1 files changed, 12 insertions(+), 6 deletions(-)
>
> diff --git a/arch/x86/kernel/cpu/cpufreq/pcc-cpufreq.c b/arch/x86/kernel/cpu/cpufreq/pcc-cpufreq.c
> index 994230d..4f6f679 100644
> --- a/arch/x86/kernel/cpu/cpufreq/pcc-cpufreq.c
> +++ b/arch/x86/kernel/cpu/cpufreq/pcc-cpufreq.c
> @@ -368,16 +368,22 @@ static int __init pcc_cpufreq_do_osc(acpi_handle *handle)
> return -ENODEV;
>
> out_obj = output.pointer;
> - if (out_obj->type != ACPI_TYPE_BUFFER)
> - return -ENODEV;
> + if (out_obj->type != ACPI_TYPE_BUFFER) {
> + ret = -ENODEV;
> + goto out_free;
> + }
>
> errors = *((u32 *)out_obj->buffer.pointer) & ~(1 << 0);
> - if (errors)
> - return -ENODEV;
> + if (errors) {
> + ret = -ENODEV;
> + goto out_free;
> + }
>
> supported = *((u32 *)(out_obj->buffer.pointer + 4));
> - if (!(supported & 0x1))
> - return -ENODEV;
> + if (!(supported & 0x1)) {
> + ret = -ENODEV;
> + goto out_free;
> + }
>
> out_free:
> kfree(output.pointer);
> --
> 1.5.6.4
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/