2020-05-28 19:02:18

by Qiushi Wu

Subject: [PATCH] efi: Fix reference count leak in efivar_create_sysfs_entry.

From: Qiushi Wu <[email protected]>

kobject_init_and_add() should be handled when it returns an error,
because kobject_init_and_add() takes a reference even when it fails.
If this function returns an error, kobject_put() must be called to
properly clean up the memory associated with the object. Previous
commit "b8eb718348b8" fixed a similar problem.

Signed-off-by: Qiushi Wu <[email protected]>
---
drivers/firmware/efi/efivars.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/firmware/efi/efivars.c b/drivers/firmware/efi/efivars.c
index 78ad1ba8c987..26528a46d99e 100644
--- a/drivers/firmware/efi/efivars.c
+++ b/drivers/firmware/efi/efivars.c
@@ -522,8 +522,10 @@ efivar_create_sysfs_entry(struct efivar_entry *new_var)
ret = kobject_init_and_add(&new_var->kobj, &efivar_ktype,
NULL, "%s", short_name);
kfree(short_name);
- if (ret)
+ if (ret) {
+ kobject_put(&new_var->kobj);
return ret;
+ }

kobject_uevent(&new_var->kobj, KOBJ_ADD);
if (efivar_entry_add(new_var, &efivar_sysfs_list)) {
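Review bot: In the new `if (ret) {` branch, kobject_put(&new_var->kobj) drops what should be the only reference on a kobject embedded in new_var, so the efivar_ktype release callback runs before this function returns; the hunk shows neither what that callback frees nor what the callers do on error. If the release frees the entry and a caller also frees new_var when efivar_create_sysfs_entry() fails, the leak turns into a double free. Please check the callers and state in the commit message who owns new_var after an error return.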
--
2.17.1
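The lifetime rule the commit message describes, as an added userspace model that is not part of the patch or the kernel source. Every `model_*` name is hypothetical, and the model assumes the release callback frees the containing entry.

```c
#include <stdio.h>
#include <stdlib.h>
/* Userspace model of the kobject lifetime rule; none of this is kernel code. */
struct model_kobj {
    int refcount;
    void (*release)(struct model_kobj *);
};
struct model_entry {          /* stands in for struct efivar_entry */
    struct model_kobj kobj;   /* embedded, like &new_var->kobj */
};

static int live_entries;      /* allocated and not yet released */
static void model_release(struct model_kobj *k)
{
    free((struct model_entry *)k);   /* kobj is the first member */
    live_entries--;
}

/* The init half always takes the first reference; only the add half fails. */
static int model_init_and_add(struct model_kobj *k, int add_fails)
{
    k->refcount = 1;
    k->release = model_release;
    return add_fails ? -1 : 0;
}

static void model_put(struct model_kobj *k)
{
    if (--k->refcount == 0)
        k->release(k);
}

/* Entries still allocated after a create whose add step failed. */
int leaked_after_failed_create(int put_on_error)
{
    struct model_entry *e = calloc(1, sizeof(*e));
    if (!e)
        return -1;
    live_entries = 1;
    if (model_init_and_add(&e->kobj, 1) != 0 && put_on_error)
        model_put(&e->kobj);  /* patched path: release runs and frees e */
    return live_entries;      /* unpatched path: refcount stays 1, e leaks */
}

int main(void)
{
    printf("without put: %d leaked, with put: %d leaked\n",
           leaked_after_failed_create(0), leaked_after_failed_create(1));
    return 0;
}
```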


2020-05-29 17:03:45

by Ard Biesheuvel

Subject: Re: [PATCH] efi: Fix reference count leak in efivar_create_sysfs_entry.

On Thu, 28 May 2020 at 20:59, <[email protected]> wrote:
>
> From: Qiushi Wu <[email protected]>
>
> kobject_init_and_add() should be handled when it returns an error,
> because kobject_init_and_add() takes a reference even when it fails.
> If this function returns an error, kobject_put() must be called to
> properly clean up the memory associated with the object. Previous
> commit "b8eb718348b8" fixed a similar problem.
>
> Signed-off-by: Qiushi Wu <[email protected]>

This one is already fixed in linux-next

> ---
> drivers/firmware/efi/efivars.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/firmware/efi/efivars.c b/drivers/firmware/efi/efivars.c
> index 78ad1ba8c987..26528a46d99e 100644
> --- a/drivers/firmware/efi/efivars.c
> +++ b/drivers/firmware/efi/efivars.c
> @@ -522,8 +522,10 @@ efivar_create_sysfs_entry(struct efivar_entry *new_var)
> ret = kobject_init_and_add(&new_var->kobj, &efivar_ktype,
> NULL, "%s", short_name);
> kfree(short_name);
> - if (ret)
> + if (ret) {
> + kobject_put(&new_var->kobj);
> return ret;
> + }
>
> kobject_uevent(&new_var->kobj, KOBJ_ADD);
> if (efivar_entry_add(new_var, &efivar_sysfs_list)) {
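Review bot: The trailing context line `if (efivar_entry_add(new_var, &efivar_sysfs_list)) {` opens a second failure exit that runs after the kobject has been added, and the hunk ends before its body is visible. It is worth confirming that this path also drops the kobject reference, so the function's two error exits stay consistent; if it already does, a shared error label would keep them from diverging again.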
> --
> 2.17.1
>