Hello!
I see there is a memleak in driver for the Specialix SX series cards
on error exit path in sx_fw_ioctl() (both in 2.4 and 2.5).
See the patch.
Found with help of smatch + unfree script.
Bye,
Oleg
===== drivers/char/sx.c 1.13 vs edited =====
--- 1.13/drivers/char/sx.c Fri Nov 8 21:16:55 2002
+++ edited/drivers/char/sx.c Wed Mar 12 23:38:33 2003
@@ -1734,8 +1734,10 @@
if (copy_from_user(tmp, (char *)data + i,
(i + SX_CHUNK_SIZE >
nbytes) ? nbytes - i :
- SX_CHUNK_SIZE))
+ SX_CHUNK_SIZE)) {
+ kfree (tmp);
return -EFAULT;
+ }
memcpy_toio ((char *) (board->base2 + offset + i), tmp,
(i+SX_CHUNK_SIZE>nbytes)?nbytes-i:SX_CHUNK_SIZE);
}
On Wed, Mar 12, 2003 at 11:41:14PM +0300, Oleg Drokin wrote:
> Hello!
>
> I see there is a memleak in driver for the Specialix SX series cards
> on error exit path in sx_fw_ioctl() (both in 2.4 and 2.5).
> See the patch.
> Found with help of smatch + unfree script.
...
> + kfree (tmp);
> return -EFAULT;
Hi Oleg,
You're right. I left it like this because "root can always mess up the
machine". But once fixed, I agree that it's better this way.
Roger.
--
** [email protected] ** http://www.BitWizard.nl/ ** +31-15-2600998 **
*-- BitWizard writes Linux device drivers for any device you may have! --*
* The Worlds Ecosystem is a stable system. Stable systems may experience *
* excursions from the stable situation. We are currently in such an *
* excursion: The stable situation does not include humans. ***************