In the header.c file, some functions allocate memory after using
do_read_string, but the corresponding memory is not released after
subsequent processing errors, causing memory leaks.
Fixes: acae8b36cded ("perf header: Add die information in CPU topology")
Fixes: c60da22aca87 ("perf header: Transform nodes string info to struct")
Fixes: 642aadaa320b ("perf header: Make topology checkers to check return value of strbuf")
Signed-off-by: tongtiangen <[email protected]>
---
tools/perf/util/header.c | 22 ++++++++++++++++------
1 file changed, 16 insertions(+), 6 deletions(-)
diff --git a/tools/perf/util/header.c b/tools/perf/util/header.c
index 7a67d017d72c..2f77391e0787 100644
--- a/tools/perf/util/header.c
+++ b/tools/perf/util/header.c
@@ -2307,8 +2307,10 @@ static int process_cpu_topology(struct feat_fd *ff, void *data __maybe_unused)
goto error;
/* include a NULL character at the end */
- if (strbuf_add(&sb, str, strlen(str) + 1) < 0)
+ if (strbuf_add(&sb, str, strlen(str) + 1) < 0) {
+ free(str);
goto error;
+ }
size += string_size(str);
free(str);
}
@@ -2326,8 +2328,10 @@ static int process_cpu_topology(struct feat_fd *ff, void *data __maybe_unused)
goto error;
/* include a NULL character at the end */
- if (strbuf_add(&sb, str, strlen(str) + 1) < 0)
+ if (strbuf_add(&sb, str, strlen(str) + 1) < 0) {
+ free(str);
goto error;
+ }
size += string_size(str);
free(str);
}
@@ -2390,8 +2394,10 @@ static int process_cpu_topology(struct feat_fd *ff, void *data __maybe_unused)
goto error;
/* include a NULL character at the end */
- if (strbuf_add(&sb, str, strlen(str) + 1) < 0)
+ if (strbuf_add(&sb, str, strlen(str) + 1) < 0) {
+ free(str);
goto error;
+ }
size += string_size(str);
free(str);
}
@@ -2446,7 +2452,7 @@ static int process_numa_topology(struct feat_fd *ff, void *data __maybe_unused)
n->map = perf_cpu_map__new(str);
if (!n->map)
- goto error;
+ goto free_str;
free(str);
}
@@ -2454,6 +2460,8 @@ static int process_numa_topology(struct feat_fd *ff, void *data __maybe_unused)
ff->ph->env.numa_nodes = nodes;
return 0;
+free_str:
+ free(str);
error:
free(nodes);
return -1;
@@ -2487,10 +2495,10 @@ static int process_pmu_mappings(struct feat_fd *ff, void *data __maybe_unused)
goto error;
if (strbuf_addf(&sb, "%u:%s", type, name) < 0)
- goto error;
+ goto free_name;
/* include a NULL character at the end */
if (strbuf_add(&sb, "", 1) < 0)
- goto error;
+ goto free_name;
if (!strcmp(name, "msr"))
ff->ph->env.msr_pmu_type = type;
@@ -2501,6 +2509,8 @@ static int process_pmu_mappings(struct feat_fd *ff, void *data __maybe_unused)
ff->ph->env.pmu_mappings = strbuf_detach(&sb, NULL);
return 0;
+free_name:
+ free(name);
error:
strbuf_release(&sb);
return -1;
--
2.20.1
> In the header.c file, some functions allocate memory after using
> do_read_string, but the corresponding memory is not released after
> subsequent processing errors, causing memory leaks.
I suggest to choose an imperative wording for this change description.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?id=cd77006e01b3198c75fb7819b3d0ff89709539bb#n151
…
> +++ b/tools/perf/util/header.c
> @@ -2307,8 +2307,10 @@ static int process_cpu_topology(struct feat_fd *ff, void *data __maybe_unused)
> goto error;
>
> /* include a NULL character at the end */
> - if (strbuf_add(&sb, str, strlen(str) + 1) < 0)
> + if (strbuf_add(&sb, str, strlen(str) + 1) < 0) {
> + free(str);
> goto error;
> + }
> size += string_size(str);
…
I propose to add the jump target “free_str” for nicer exception handling
in this function implementation.
Regards,
Markus