2020-08-19 08:24:15

by Dinghao Liu

Subject: [PATCH] drm/crc-debugfs: Fix memleak in crc_control_write

When verify_crc_source() fails, source needs to be freed.
However, current code is returning directly and ends up
leaking memory.

Fixes: c0811a7d5befe ("drm/crc: Cleanup crtc_crc_open function")
Signed-off-by: Dinghao Liu <[email protected]>
---
drivers/gpu/drm/drm_debugfs_crc.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/drm_debugfs_crc.c b/drivers/gpu/drm/drm_debugfs_crc.c
index 5d67a41f7c3a..3dd70d813f69 100644
--- a/drivers/gpu/drm/drm_debugfs_crc.c
+++ b/drivers/gpu/drm/drm_debugfs_crc.c
@@ -144,8 +144,10 @@ static ssize_t crc_control_write(struct file *file, const char __user *ubuf,
source[len - 1] = '\0';

ret = crtc->funcs->verify_crc_source(crtc, source, &values_cnt);
- if (ret)
+ if (ret) {
+ kfree(source);
return ret;
+ }

spin_lock_irq(&crc->lock);

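Review bot: the new error branch after verify_crc_source() does its cleanup inline (kfree(source); return ret;), which leaves the function in the same shape that produced the leak: the old `if (ret) return ret;` was a bare early return, and any further early return on this path has to remember the same free. Consider routing the failure through one shared label instead, for example `goto err_free;` here with `kfree(source); return ret;` under that label at the end of the function, so every failure exit goes through a single cleanup.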
--
2.17.1


2020-08-19 11:59:02

by Laurent Pinchart

Subject: Re: [PATCH] drm/crc-debugfs: Fix memleak in crc_control_write

Hi Dinghao,

Thank you for the patch.

On Wed, Aug 19, 2020 at 04:22:28PM +0800, Dinghao Liu wrote:
> When verify_crc_source() fails, source needs to be freed.
> However, current code is returning directly and ends up
> leaking memory.
>
> Fixes: c0811a7d5befe ("drm/crc: Cleanup crtc_crc_open function")

I think the issue was introduced in d5cc15a0c66e ("drm: crc: Introduce
verify_crc_source callback"). Apart from that,

Reviewed-by: Laurent Pinchart <[email protected]>

> Signed-off-by: Dinghao Liu <[email protected]>
> ---
> drivers/gpu/drm/drm_debugfs_crc.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/drm_debugfs_crc.c b/drivers/gpu/drm/drm_debugfs_crc.c
> index 5d67a41f7c3a..3dd70d813f69 100644
> --- a/drivers/gpu/drm/drm_debugfs_crc.c
> +++ b/drivers/gpu/drm/drm_debugfs_crc.c
> @@ -144,8 +144,10 @@ static ssize_t crc_control_write(struct file *file, const char __user *ubuf,
> source[len - 1] = '\0';
>
> ret = crtc->funcs->verify_crc_source(crtc, source, &values_cnt);
> - if (ret)
> + if (ret) {
> + kfree(source);
> return ret;
> + }
>
> spin_lock_irq(&crc->lock);
>
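Review bot: nothing in the lines around the verify_crc_source() call states who owns source at that point, which is why the removed `if (ret) return ret;` looked correct on its own. A one-line comment above the call saying that source still belongs to crc_control_write() and has to be freed on any failure return would make the requirement visible to whoever next edits this path, rather than leaving it implied by the kfree() in the new branch.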

--
Regards,

Laurent Pinchart

2020-09-01 07:48:05

by Daniel Vetter

Subject: Re: [PATCH] drm/crc-debugfs: Fix memleak in crc_control_write

On Wed, Aug 19, 2020 at 02:55:15PM +0300, Laurent Pinchart wrote:
> Hi Dinghao,
>
> Thank you for the patch.
>
> On Wed, Aug 19, 2020 at 04:22:28PM +0800, Dinghao Liu wrote:
> > When verify_crc_source() fails, source needs to be freed.
> > However, current code is returning directly and ends up
> > leaking memory.
> >
> > Fixes: c0811a7d5befe ("drm/crc: Cleanup crtc_crc_open function")
>
> I think the issue was introduced in d5cc15a0c66e ("drm: crc: Introduce
> verify_crc_source callback"). Apart from that,
>
> Reviewed-by: Laurent Pinchart <[email protected]>

Pushed to drm-misc-next.
-Daniel

>
> > Signed-off-by: Dinghao Liu <[email protected]>
> > ---
> > drivers/gpu/drm/drm_debugfs_crc.c | 4 +++-
> > 1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/gpu/drm/drm_debugfs_crc.c b/drivers/gpu/drm/drm_debugfs_crc.c
> > index 5d67a41f7c3a..3dd70d813f69 100644
> > --- a/drivers/gpu/drm/drm_debugfs_crc.c
> > +++ b/drivers/gpu/drm/drm_debugfs_crc.c
> > @@ -144,8 +144,10 @@ static ssize_t crc_control_write(struct file *file, const char __user *ubuf,
> > source[len - 1] = '\0';
> >
> > ret = crtc->funcs->verify_crc_source(crtc, source, &values_cnt);
> > - if (ret)
> > + if (ret) {
> > + kfree(source);
> > return ret;
> > + }
> >
> > spin_lock_irq(&crc->lock);
> >
>
> --
> Regards,
>
> Laurent Pinchart

--
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch