2020-08-29 08:08:06

by Dinghao Liu

[permalink] [raw]
Subject: [PATCH] ALSA: opti9xx: Fix memleak in snd_opti9xx_read_check

When request_region() on chip->res_mc_indir fails,
chip->res_mc_base should be freed to prevent memleak.

Signed-off-by: Dinghao Liu <[email protected]>
---
sound/isa/opti9xx/opti92x-ad1848.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/sound/isa/opti9xx/opti92x-ad1848.c b/sound/isa/opti9xx/opti92x-ad1848.c
index 881d3b5711d2..06ba18d1737c 100644
--- a/sound/isa/opti9xx/opti92x-ad1848.c
+++ b/sound/isa/opti9xx/opti92x-ad1848.c
@@ -679,8 +679,11 @@ static int snd_opti9xx_read_check(struct snd_opti9xx *chip)
#else /* OPTi93X */
chip->res_mc_indir = request_region(chip->mc_indir_index, 2,
"OPTi93x MC");
- if (chip->res_mc_indir == NULL)
+ if (chip->res_mc_indir == NULL) {
+ release_and_free_resource(chip->res_mc_base);
+ chip->res_mc_base = NULL;
return -EBUSY;
+ }

spin_lock_irqsave(&chip->lock, flags);
outb(chip->password, chip->mc_base + chip->pwd_reg);
--
2.17.1


2020-08-31 09:50:42

by Takashi Iwai

[permalink] [raw]
Subject: Re: [PATCH] ALSA: opti9xx: Fix memleak in snd_opti9xx_read_check

On Sat, 29 Aug 2020 10:05:15 +0200,
Dinghao Liu wrote:
>
> When request_region() on chip->res_mc_indir fails,
> chip->res_mc_base should be freed to prevent memleak.
>
> Signed-off-by: Dinghao Liu <[email protected]>

The resources are freed automatically at private_free callback
(snd_card_opti9xx_free()) called via snd_card_free() in the error
path, hence this patch would lead to double-free.


thanks,

Takashi


> ---
> sound/isa/opti9xx/opti92x-ad1848.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/sound/isa/opti9xx/opti92x-ad1848.c b/sound/isa/opti9xx/opti92x-ad1848.c
> index 881d3b5711d2..06ba18d1737c 100644
> --- a/sound/isa/opti9xx/opti92x-ad1848.c
> +++ b/sound/isa/opti9xx/opti92x-ad1848.c
> @@ -679,8 +679,11 @@ static int snd_opti9xx_read_check(struct snd_opti9xx *chip)
> #else /* OPTi93X */
> chip->res_mc_indir = request_region(chip->mc_indir_index, 2,
> "OPTi93x MC");
> - if (chip->res_mc_indir == NULL)
> + if (chip->res_mc_indir == NULL) {
> + release_and_free_resource(chip->res_mc_base);
> + chip->res_mc_base = NULL;
> return -EBUSY;
> + }
>
> spin_lock_irqsave(&chip->lock, flags);
> outb(chip->password, chip->mc_base + chip->pwd_reg);
> --
> 2.17.1
>