2014-12-01 01:08:10

by Ahmed Tamrawi

Subject: Possible memory leak in function (reserve_range) not freeing pointer (regionid)

Bug Report: https://bugzilla.kernel.org/show_bug.cgi?id=89101
Linux Version [3.17-rc1]
Configuration: Default configuration for x86


Function (reserve_range) in file (drivers/pnp/system.c) allocates
pointer (regionid) on line (32) and passes it to function
(__request_region) through the macros: (request_region) at line (38)
or (request_mem_region) at line (40). However, if the resource (res)
is allocated through (__request_region) function, then the pointer
(res->name) points to the allocated pointer (regionid). Then, there is
no way in function (free_resource) or function (release_resource) to
free the pointer (regionid) or (res->name), thus causing a potential
memory leak!

Function (reserve_range) source code reference:
http://lxr.free-electrons.com/source/drivers/pnp/system.c#L25
Function (free_resource) source code reference:
http://lxr.free-electrons.com/source/kernel/resource.c#L172
Function (release_resource) source code reference:
http://lxr.free-electrons.com/source/kernel/resource.c#L322


~Ahmed
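
Added example (not part of the original message, and not kernel code): a userspace C model of the ownership pattern the report describes, where a heap-allocated name is stored in a resource by pointer and the release path frees only the resource. The names model_res, model_request, model_release, model_reserve and the allocation counter are hypothetical stand-ins; the counter shows how many blocks remain allocated after release, with and without the caller freeing the name.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model only, not kernel code; every name here is hypothetical. */
static int live_allocs;                       /* heap blocks not yet freed */
static void *xalloc(size_t n) { void *p = malloc(n); if (p) live_allocs++; return p; }
static void xfree(void *p) { if (p) { live_allocs--; free(p); } }

struct model_res { const char *name; unsigned long start, end; };

/* Stand-in for __request_region: stores the caller's name pointer, no copy. */
static struct model_res *model_request(unsigned long start, unsigned long n,
                                       const char *name)
{
    struct model_res *r = xalloc(sizeof(*r));
    if (!r) return NULL;
    r->name = name; r->start = start; r->end = start + n - 1;
    return r;
}

/* Stand-in for the release path: frees the resource, never r->name. */
static void model_release(struct model_res *r) { xfree(r); }

/* Pattern from the report: allocate the name, hand it over, keep no pointer. */
static struct model_res *model_reserve(unsigned long start, unsigned long n)
{
    char *regionid = xalloc(16);
    if (!regionid) return NULL;
    snprintf(regionid, 16, "model %02lx", start & 0xff);
    struct model_res *r = model_request(start, n, regionid);
    if (!r) xfree(regionid);                  /* modelling choice for the failure path */
    return r;
}

/* Returns the number of blocks still allocated after reserve + release. */
int leak_after_release(int caller_frees_name)
{
    live_allocs = 0;
    struct model_res *r = model_reserve(0x100, 8);
    if (!r) return -1;
    char *name = (char *)r->name;             /* only remaining reference to the buffer */
    model_release(r);
    if (caller_frees_name) xfree(name);
    return live_allocs;
}

int main(void)
{
    printf("release only: %d\n", leak_after_release(0));
    printf("release + free name: %d\n", leak_after_release(1));
    return 0;
}
```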