Every iteration of for_each_child_of_node() decrements
the reference count of the previous node, however when control
is transferred from the middle of the loop, as in the case of
a return or break or goto, there is no decrement thus ultimately
resulting in a memory leak.
Fix a potential memory leak in mt7530.c by inserting of_node_put()
before the break statement.
Issue found with Coccinelle.
Signed-off-by: Sumera Priyadarsini <[email protected]>
---
drivers/net/dsa/mt7530.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/net/dsa/mt7530.c b/drivers/net/dsa/mt7530.c
index 8dcb8a49ab67..af83e5034842 100644
--- a/drivers/net/dsa/mt7530.c
+++ b/drivers/net/dsa/mt7530.c
@@ -1334,6 +1334,7 @@ mt7530_setup(struct dsa_switch *ds)
if (id == 4)
priv->p5_intf_sel = P5_INTF_SEL_PHY_P4;
}
+ of_node_put(mac_np);
of_node_put(phy_node);
break;
}
--
2.17.1
On Sun, Aug 23, 2020 at 07:31:16PM +0530, Sumera Priyadarsini wrote:
> Every iteration of for_each_child_of_node() decrements
> the reference count of the previous node, however when control
> is transferred from the middle of the loop, as in the case of
> a return or break or goto, there is no decrement thus ultimately
> resulting in a memory leak.
>
> Fix a potential memory leak in mt7530.c by inserting of_node_put()
> before the break statement.
>
> Issue found with Coccinelle.
>
> Signed-off-by: Sumera Priyadarsini <[email protected]>
> ---
> drivers/net/dsa/mt7530.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/net/dsa/mt7530.c b/drivers/net/dsa/mt7530.c
> index 8dcb8a49ab67..af83e5034842 100644
> --- a/drivers/net/dsa/mt7530.c
> +++ b/drivers/net/dsa/mt7530.c
> @@ -1334,6 +1334,7 @@ mt7530_setup(struct dsa_switch *ds)
> if (id == 4)
> priv->p5_intf_sel = P5_INTF_SEL_PHY_P4;
> }
> + of_node_put(mac_np);
> of_node_put(phy_node);
> break;
> }
Within the same loop is:
if (phy_node->parent == priv->dev->of_node->parent) {
ret = of_get_phy_mode(mac_np, &interface);
if (ret && ret != -ENODEV)
return ret;
shouldn't this also have a put?
Andrew