Hello!
I am still playing with improving memleak detector thing from the smatch project.
Seems there is a memleak in fs/binfmt_elf.c::load_elf_binary() in current 2.5
If setup_arg_pages() fails (line 638 in my sources) we do return but
not freeing possibly allocated elf_interpreter (line 520) and
allocated elf_phdata (line 500) areas.
Is this looking real? At least it looks real for me (I am trying to get
number of false positives way down).
Bye,
Oleg

Oleg Drokin <[email protected]> wrote:
>
> Hello!
>
> I am still playing with improving memleak detector thing from the smatch project.
>
> Seems there is a memleak in fs/binfmt_elf.c::load_elf_binary() in current 2.5
> If setup_arg_pages() fails (line 638 in my sources) we do return but
> not freeing possibly allocated elf_interpreter (line 520) and
> allocated elf_phdata (line 500) areas.
>
> Is this looking real? At least it looks real for me (I am trying to get
> number of false positives way down).
>
Yes, you're right. And there's a second one further down.
Whoever thought of permitting more than one `return' statement in a C
function should be shot.
This needs a little thought, as we've already set the new personality and the
old executable has been rubbed out.

Hello!
On Fri, Mar 07, 2003 at 03:25:32AM -0800, Andrew Morton wrote:
> > I am still playing with improving memleak detector thing from the smatch project.
> > Seems there is a memleak in fs/binfmt_elf.c::load_elf_binary() in current 2.5
> > If setup_arg_pages() fails (line 638 in my sources) we do return but
> > not freeing possibly allocated elf_interpreter (line 520) and
> > allocated elf_phdata (line 500) areas.
> > Is this looking real? At least it looks real for me (I am trying to get
> > number of false positives way down).
> Yes, you're right. And there's a second one further down.
Ah, hm? Can you be more precise? I do not see it.
Next return I see is in line 745, and the memory is freed before it.
Bye,
Oleg

Andrew Morton <[email protected]> wrote:
>
> This needs a little thought, as we've already set the new personality and the
> old executable has been rubbed out.
Actually it looks to be fairly simple to fix. Less simple to test...

Oleg Drokin <[email protected]> wrote:
>
> Hello!
>
> On Fri, Mar 07, 2003 at 03:25:32AM -0800, Andrew Morton wrote:
> > > I am still playing with improving memleak detector thing from the smatch project.
> > > Seems there is a memleak in fs/binfmt_elf.c::load_elf_binary() in current 2.5
> > > If setup_arg_pages() fails (line 638 in my sources) we do return but
> > > not freeing possibly allocated elf_interpreter (line 520) and
> > > allocated elf_phdata (line 500) areas.
> > > Is this looking real? At least it looks real for me (I am trying to get
> > > number of false positives way down).
> > Yes, you're right. And there's a second one further down.
>
> Ah, hm? Can you be more precise? I do not see it.
>
> Next return I see is in line 745, and the memory is freed before it.
>
It forgets to close the file. It'll be closed anyway by exit so
I guess that's OK.

Hello!
On Fri, Mar 07, 2003 at 03:36:09AM -0800, Andrew Morton wrote:
> > This needs a little thought, as we've already set the new personality and the
> > old executable has been rubbed out.
> Actually it looks to be fairly simple to fix. Less simple to test...
BTW, I just noticed that 2.4 has absolutely the same problem, it seems, so
you probably want to make a fix for it too.
Bye,
Oleg
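The leak pattern discussed in this thread, as an added C illustration that is not the kernel's fs/binfmt_elf.c nor code from any of the posters: a cut-down loader with the early return after a failed setup_arg_pages() next to the single-exit shape kernel code normally uses. The counting allocator, setup_arg_pages_stub(), the buffer sizes and the leaked_blocks() helper are constructed for the example.

```c
/* Constructed illustration of the load_elf_binary() error-path leak, not
 * the kernel's code. Allocation counters stand in for the kmalloc/kfree
 * bookkeeping a leak detector such as the smatch-based one performs. */
#include <errno.h>
#include <stdlib.h>

static int live_allocs;                    /* outstanding blocks; 0 = no leak */
static void *xalloc(size_t n) { live_allocs++; return malloc(n); }
static void xfree(void *p) { if (p) { live_allocs--; free(p); } }

/* Stand-in for setup_arg_pages(): fails on request, as in the report. */
static int setup_arg_pages_stub(int fail) { return fail ? -ENOMEM : 0; }

/* Buggy shape: early return after both buffers have been allocated. */
static int load_elf_buggy(int has_interp, int fail_arg_pages)
{
    char *elf_phdata = xalloc(64);                          /* program headers */
    char *elf_interpreter = has_interp ? xalloc(128) : NULL; /* PT_INTERP path */

    if (setup_arg_pages_stub(fail_arg_pages) < 0)
        return -1;                                /* leaks both buffers */

    xfree(elf_interpreter);
    xfree(elf_phdata);
    return 0;
}

/* Fixed shape: one exit path, frees in reverse allocation order. */
static int load_elf_fixed(int has_interp, int fail_arg_pages)
{
    int retval = 0;
    char *elf_phdata = xalloc(64);
    char *elf_interpreter = has_interp ? xalloc(128) : NULL;

    if (setup_arg_pages_stub(fail_arg_pages) < 0) {
        retval = -1;
        goto out_free;
    }
    /* ... map segments, set up the stack, start the new image ... */
out_free:
    xfree(elf_interpreter);
    xfree(elf_phdata);
    return retval;
}

/* Run one loader and report how many blocks it left outstanding. */
static int leaked_blocks(int (*loader)(int, int), int has_interp, int fail)
{
    live_allocs = 0;
    loader(has_interp, fail);
    return live_allocs;
}
```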