G'day people,
Coverity CID: 1356 RESOURCE_LEAK
I found a very old patch for this that was Acked but did not get applied
https://lists.linux-foundation.org/pipermail/kernel-janitors/2006-September/016362.html
There looks to be a small leak in isdn_writebuf_stub() in isdn_common.c,
when copy_from_user() returns an un-copied data length (length != 0).
The below patch should be a minimally invasive fix.
Signed-off-by: Darren Jenkins <darrenrjenkins@gmailcom>
Acked-by: Karsten Keil <[email protected]>
diff --git a/drivers/isdn/i4l/isdn_common.c b/drivers/isdn/i4l/isdn_common.c
index 0f3c66d..8d8c6b7 100644
--- a/drivers/isdn/i4l/isdn_common.c
+++ b/drivers/isdn/i4l/isdn_common.c
@@ -1977,8 +1977,10 @@ isdn_writebuf_stub(int drvidx, int chan, const u_char __user * buf, int len)
if (!skb)
return -ENOMEM;
skb_reserve(skb, hl);
- if (copy_from_user(skb_put(skb, len), buf, len))
+ if (copy_from_user(skb_put(skb, len), buf, len)) {
+ dev_kfree_skb(skb);
return -EFAULT;
+ }
ret = dev->drv[drvidx]->interface->writebuf_skb(drvidx, chan, 1, skb);
if (ret <= 0)
dev_kfree_skb(skb);
G'day Rustam,
On Mon, Jul 7, 2008 at 9:09 PM, Rustam Rakhimov <[email protected]> wrote:
> sorry I don't understand what this function is doing ?
>
Looking at the code it looks like this function is writing data to the
card in a legacy (B ?) mode.
Darren J.