configs will kmemdup to dup_configs in pictrl util function.
So configs need to be freed.
Signed-off-by: Hongzhou Yang <[email protected]>
---
Fix a memleak issue.
drivers/pinctrl/mediatek/pinctrl-mtk-common.c | 24 ++++++++++++++----------
1 file changed, 14 insertions(+), 10 deletions(-)
diff --git a/drivers/pinctrl/mediatek/pinctrl-mtk-common.c b/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
index bbf0230..0f9e416 100644
--- a/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
+++ b/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
@@ -520,21 +520,23 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
if (has_config && num_pins >= 1)
maps_per_pin++;
- if (!num_pins || !maps_per_pin)
- return -EINVAL;
+ if (!num_pins || !maps_per_pin) {
+ err = -EINVAL;
+ goto exit;
+ }
reserve = num_pins * maps_per_pin;
err = pinctrl_utils_reserve_map(pctldev, map,
reserved_maps, num_maps, reserve);
if (err < 0)
- goto fail;
+ goto exit;
for (i = 0; i < num_pins; i++) {
err = of_property_read_u32_index(node, "pinmux",
i, &pinfunc);
if (err)
- goto fail;
+ goto exit;
pin = MTK_GET_PIN_NO(pinfunc);
func = MTK_GET_PIN_FUNC(pinfunc);
@@ -543,20 +545,21 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
func >= ARRAY_SIZE(mtk_gpio_functions)) {
dev_err(pctl->dev, "invalid pins value.\n");
err = -EINVAL;
- goto fail;
+ goto exit;
}
grp = mtk_pctrl_find_group_by_pin(pctl, pin);
if (!grp) {
dev_err(pctl->dev, "unable to match pin %d to group\n",
pin);
- return -EINVAL;
+ err = -EINVAL;
+ goto exit;
}
err = mtk_pctrl_dt_node_to_map_func(pctl, pin, func, grp, map,
reserved_maps, num_maps);
if (err < 0)
- goto fail;
+ goto exit;
if (has_config) {
err = pinctrl_utils_add_map_configs(pctldev, map,
@@ -564,13 +567,14 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
configs, num_configs,
PIN_MAP_TYPE_CONFIGS_GROUP);
if (err < 0)
- goto fail;
+ goto exit;
}
}
- return 0;
+ err = 0;
-fail:
+exit:
+ kfree(configs);
return err;
}
--
1.7.9.5
On Tue, Nov 17, 2015 at 12:22 PM, Hongzhou Yang
<[email protected]> wrote:
> configs will kmemdup to dup_configs in pictrl util function.
> So configs need to be freed.
>
> Signed-off-by: Hongzhou Yang <[email protected]>
Reviewed-by: Daniel Kurtz <[email protected]>
> ---
> Fix a memleak issue.
>
> drivers/pinctrl/mediatek/pinctrl-mtk-common.c | 24 ++++++++++++++----------
> 1 file changed, 14 insertions(+), 10 deletions(-)
>
> diff --git a/drivers/pinctrl/mediatek/pinctrl-mtk-common.c b/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
> index bbf0230..0f9e416 100644
> --- a/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
> +++ b/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
> @@ -520,21 +520,23 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
> if (has_config && num_pins >= 1)
> maps_per_pin++;
>
> - if (!num_pins || !maps_per_pin)
> - return -EINVAL;
> + if (!num_pins || !maps_per_pin) {
> + err = -EINVAL;
> + goto exit;
> + }
>
> reserve = num_pins * maps_per_pin;
>
> err = pinctrl_utils_reserve_map(pctldev, map,
> reserved_maps, num_maps, reserve);
> if (err < 0)
> - goto fail;
> + goto exit;
>
> for (i = 0; i < num_pins; i++) {
> err = of_property_read_u32_index(node, "pinmux",
> i, &pinfunc);
> if (err)
> - goto fail;
> + goto exit;
>
> pin = MTK_GET_PIN_NO(pinfunc);
> func = MTK_GET_PIN_FUNC(pinfunc);
> @@ -543,20 +545,21 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
> func >= ARRAY_SIZE(mtk_gpio_functions)) {
> dev_err(pctl->dev, "invalid pins value.\n");
> err = -EINVAL;
> - goto fail;
> + goto exit;
> }
>
> grp = mtk_pctrl_find_group_by_pin(pctl, pin);
> if (!grp) {
> dev_err(pctl->dev, "unable to match pin %d to group\n",
> pin);
> - return -EINVAL;
> + err = -EINVAL;
> + goto exit;
> }
>
> err = mtk_pctrl_dt_node_to_map_func(pctl, pin, func, grp, map,
> reserved_maps, num_maps);
> if (err < 0)
> - goto fail;
> + goto exit;
>
> if (has_config) {
> err = pinctrl_utils_add_map_configs(pctldev, map,
> @@ -564,13 +567,14 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
> configs, num_configs,
> PIN_MAP_TYPE_CONFIGS_GROUP);
> if (err < 0)
> - goto fail;
> + goto exit;
> }
> }
>
> - return 0;
> + err = 0;
>
> -fail:
> +exit:
> + kfree(configs);
> return err;
> }
>
> --
> 1.7.9.5
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
On 17/11/15 09:25, Daniel Kurtz wrote:
> On Tue, Nov 17, 2015 at 12:22 PM, Hongzhou Yang
> <[email protected]> wrote:
>> configs will kmemdup to dup_configs in pictrl util function.
>> So configs need to be freed.
>>
>> Signed-off-by: Hongzhou Yang <[email protected]>
>
> Reviewed-by: Daniel Kurtz <[email protected]>
Reviewed-by: Matthias Brugger <[email protected]>
>
>> ---
>> Fix a memleak issue.
>>
>> drivers/pinctrl/mediatek/pinctrl-mtk-common.c | 24 ++++++++++++++----------
>> 1 file changed, 14 insertions(+), 10 deletions(-)
>>
>> diff --git a/drivers/pinctrl/mediatek/pinctrl-mtk-common.c b/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
>> index bbf0230..0f9e416 100644
>> --- a/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
>> +++ b/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
>> @@ -520,21 +520,23 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
>> if (has_config && num_pins >= 1)
>> maps_per_pin++;
>>
>> - if (!num_pins || !maps_per_pin)
>> - return -EINVAL;
>> + if (!num_pins || !maps_per_pin) {
>> + err = -EINVAL;
>> + goto exit;
>> + }
>>
>> reserve = num_pins * maps_per_pin;
>>
>> err = pinctrl_utils_reserve_map(pctldev, map,
>> reserved_maps, num_maps, reserve);
>> if (err < 0)
>> - goto fail;
>> + goto exit;
>>
>> for (i = 0; i < num_pins; i++) {
>> err = of_property_read_u32_index(node, "pinmux",
>> i, &pinfunc);
>> if (err)
>> - goto fail;
>> + goto exit;
>>
>> pin = MTK_GET_PIN_NO(pinfunc);
>> func = MTK_GET_PIN_FUNC(pinfunc);
>> @@ -543,20 +545,21 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
>> func >= ARRAY_SIZE(mtk_gpio_functions)) {
>> dev_err(pctl->dev, "invalid pins value.\n");
>> err = -EINVAL;
>> - goto fail;
>> + goto exit;
>> }
>>
>> grp = mtk_pctrl_find_group_by_pin(pctl, pin);
>> if (!grp) {
>> dev_err(pctl->dev, "unable to match pin %d to group\n",
>> pin);
>> - return -EINVAL;
>> + err = -EINVAL;
>> + goto exit;
>> }
>>
>> err = mtk_pctrl_dt_node_to_map_func(pctl, pin, func, grp, map,
>> reserved_maps, num_maps);
>> if (err < 0)
>> - goto fail;
>> + goto exit;
>>
>> if (has_config) {
>> err = pinctrl_utils_add_map_configs(pctldev, map,
>> @@ -564,13 +567,14 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
>> configs, num_configs,
>> PIN_MAP_TYPE_CONFIGS_GROUP);
>> if (err < 0)
>> - goto fail;
>> + goto exit;
>> }
>> }
>>
>> - return 0;
>> + err = 0;
>>
>> -fail:
>> +exit:
>> + kfree(configs);
>> return err;
>> }
>>
>> --
>> 1.7.9.5
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
>> the body of a message to [email protected]
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>> Please read the FAQ at http://www.tux.org/lkml/
On Mon, 2015-11-16 at 20:22 -0800, Hongzhou Yang wrote:
> configs will kmemdup to dup_configs in pictrl util function.
> So configs need to be freed.
>
> Signed-off-by: Hongzhou Yang <[email protected]>
> ---
> Fix a memleak issue.
>
> drivers/pinctrl/mediatek/pinctrl-mtk-common.c | 24 ++++++++++++++----------
> 1 file changed, 14 insertions(+), 10 deletions(-)
>
> diff --git a/drivers/pinctrl/mediatek/pinctrl-mtk-common.c b/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
> index bbf0230..0f9e416 100644
> --- a/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
> +++ b/drivers/pinctrl/mediatek/pinctrl-mtk-common.c
> @@ -520,21 +520,23 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
> if (has_config && num_pins >= 1)
> maps_per_pin++;
>
> - if (!num_pins || !maps_per_pin)
> - return -EINVAL;
> + if (!num_pins || !maps_per_pin) {
> + err = -EINVAL;
> + goto exit;
> + }
In line 510:
err = pinconf_generic_parse_dt_config(node, pctldev, &configs,
&num_configs);
if (num_configs)
has_config = 1;
if the function return err<0, configs and num_configs might not be
initialized and you'll crash the kernel when doing kfree(configs);
Joe.C
>
> reserve = num_pins * maps_per_pin;
>
> err = pinctrl_utils_reserve_map(pctldev, map,
> reserved_maps, num_maps, reserve);
> if (err < 0)
> - goto fail;
> + goto exit;
>
> for (i = 0; i < num_pins; i++) {
> err = of_property_read_u32_index(node, "pinmux",
> i, &pinfunc);
> if (err)
> - goto fail;
> + goto exit;
>
> pin = MTK_GET_PIN_NO(pinfunc);
> func = MTK_GET_PIN_FUNC(pinfunc);
> @@ -543,20 +545,21 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
> func >= ARRAY_SIZE(mtk_gpio_functions)) {
> dev_err(pctl->dev, "invalid pins value.\n");
> err = -EINVAL;
> - goto fail;
> + goto exit;
> }
>
> grp = mtk_pctrl_find_group_by_pin(pctl, pin);
> if (!grp) {
> dev_err(pctl->dev, "unable to match pin %d to group\n",
> pin);
> - return -EINVAL;
> + err = -EINVAL;
> + goto exit;
> }
>
> err = mtk_pctrl_dt_node_to_map_func(pctl, pin, func, grp, map,
> reserved_maps, num_maps);
> if (err < 0)
> - goto fail;
> + goto exit;
>
> if (has_config) {
> err = pinctrl_utils_add_map_configs(pctldev, map,
> @@ -564,13 +567,14 @@ static int mtk_pctrl_dt_subnode_to_map(struct pinctrl_dev *pctldev,
> configs, num_configs,
> PIN_MAP_TYPE_CONFIGS_GROUP);
> if (err < 0)
> - goto fail;
> + goto exit;
> }
> }
>
> - return 0;
> + err = 0;
>
> -fail:
> +exit:
> + kfree(configs);
> return err;
> }
>