Re: [PATCH] drm/crc-debugfs: Fix memleak in crc_control_write
From: Daniel Vetter
Date: Tue Sep 01 2020 - 03:46:49 EST
On Wed, Aug 19, 2020 at 02:55:15PM +0300, Laurent Pinchart wrote:
> Hi Dinghao,
>
> Thank you for the patch.
>
> On Wed, Aug 19, 2020 at 04:22:28PM +0800, Dinghao Liu wrote:
> > When verify_crc_source() fails, source needs to be freed.
> > However, current code is returning directly and ends up
> > leaking memory.
> >
> > Fixes: c0811a7d5befe ("drm/crc: Cleanup crtc_crc_open function")
>
> I think the issue was introduced in d5cc15a0c66e ("drm: crc: Introduce
> verify_crc_source callback"). Apart from that,
>
> Reviewed-by: Laurent Pinchart <laurent.pinchart@xxxxxxxxxxxxxxxx>
Pushed to drm-misc-next.
-Daniel
>
> > Signed-off-by: Dinghao Liu <dinghao.liu@xxxxxxxxxx>
> > ---
> > drivers/gpu/drm/drm_debugfs_crc.c | 4 +++-
> > 1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/gpu/drm/drm_debugfs_crc.c b/drivers/gpu/drm/drm_debugfs_crc.c
> > index 5d67a41f7c3a..3dd70d813f69 100644
> > --- a/drivers/gpu/drm/drm_debugfs_crc.c
> > +++ b/drivers/gpu/drm/drm_debugfs_crc.c
> > @@ -144,8 +144,10 @@ static ssize_t crc_control_write(struct file *file, const char __user *ubuf,
> > source[len - 1] = '\0';
> >
> > ret = crtc->funcs->verify_crc_source(crtc, source, &values_cnt);
> > - if (ret)
> > + if (ret) {
> > + kfree(source);
> > return ret;
> > + }
> >
> > spin_lock_irq(&crc->lock);
> >
>
> --
> Regards,
>
> Laurent Pinchart
--
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch