[PATCH] scsi: pm8001: Fix memory leak in pm8001_send_abort_all()

From: Jianglei Nie
Date: Tue Dec 14 2021 - 04:04:09 EST

Next message: Florian Weimer: "Re: librseq: update to support upcoming glibc 2.35"
Previous message: Shunsuke Mie: "Re: [RFC PATCH v4 0/2] RDMA/rxe: Add dma-buf support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In line 1767, sas_alloc_slow_task() allocates and initializes a
sas_task structure. When some errors occur, line 1778 and line
1795 forget to free this structure, which will lead to a memory leak.
There is a similar snippet of code in the same file (in function
pm8001_send_read_log) as allocating and initializing in line 1812
as well as releasing the memory in line 1822 and line 1867.

We can fix it by calling sas_free_task() when the res and ret is true
and before the function returns.

Signed-off-by: Jianglei Nie <niejianglei2021@xxxxxxx>
---
drivers/scsi/pm8001/pm8001_hwi.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/drivers/scsi/pm8001/pm8001_hwi.c b/drivers/scsi/pm8001/pm8001_hwi.c
index 124cb69740c6..25045a91620e 100644
--- a/drivers/scsi/pm8001/pm8001_hwi.c
+++ b/drivers/scsi/pm8001/pm8001_hwi.c
@@ -1774,8 +1774,10 @@ static void pm8001_send_abort_all(struct pm8001_hba_info *pm8001_ha,
task->task_done = pm8001_task_done;

res = pm8001_tag_alloc(pm8001_ha, &ccb_tag);
- if (res)
+ if (res) {
+ sas_free_task(task);
return;
+ }

ccb = &pm8001_ha->ccb_info[ccb_tag];
ccb->device = pm8001_ha_dev;
@@ -1791,8 +1793,10 @@ static void pm8001_send_abort_all(struct pm8001_hba_info *pm8001_ha,

ret = pm8001_mpi_build_cmd(pm8001_ha, circularQ, opc, &task_abort,
sizeof(task_abort), 0);
- if (ret)
+ if (ret) {
+ sas_free_task(task);
pm8001_tag_free(pm8001_ha, ccb_tag);
+ }

}

--
2.25.1

Next message: Florian Weimer: "Re: librseq: update to support upcoming glibc 2.35"
Previous message: Shunsuke Mie: "Re: [RFC PATCH v4 0/2] RDMA/rxe: Add dma-buf support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]