2017-12-13 20:49:41

by Colin King

Subject: [PATCH] mtd: nand: fix memory leak on ep on error exit returns

From: Colin Ian King <[email protected]>

There are two error return paths that are not kfree'ing ep that
lead to memory leaks. Fix this by exiting on error via the
ext_out exit path that performs the necessary kfree.

Detected by CoverityScan, CID#1462747 ("Resource Leak")

Fixes: b83ea87958c5 ("mtd: nand: provide several helpers to do common NAND operations")
Signed-off-by: Colin Ian King <[email protected]>
---
drivers/mtd/nand/nand_base.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/mtd/nand/nand_base.c b/drivers/mtd/nand/nand_base.c
index eb810d5d44e7..1c5126d1db8c 100644
--- a/drivers/mtd/nand/nand_base.c
+++ b/drivers/mtd/nand/nand_base.c
@@ -5046,14 +5046,14 @@ static int nand_flash_detect_ext_param_page(struct nand_chip *chip,
/* Send our own NAND_CMD_PARAM. */
ret = nand_read_param_page_op(chip, 0, NULL, 0);
if (ret)
- return ret;
+ goto ext_out;

/* Use the Change Read Column command to skip the ONFI param pages. */
ret = nand_change_read_column_op(chip,
sizeof(*p) * p->num_of_param_pages,
ep, len, true);
if (ret)
- return ret;
+ goto ext_out;

ret = -EINVAL;
if ((onfi_crc16(ONFI_CRC_BASE, ((uint8_t *)ep) + 2, len - 2)
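Review bot: both new `goto ext_out;` exits (after nand_read_param_page_op() and after nand_change_read_column_op()) depend on the ext_out label handing back ret unchanged once ep is freed, and that label lies outside the context shown in this hunk. Worth confirming that it ends in `return ret;` with no reassignment on the way, since the `ret = -EINVAL;` default is only set after these two checks and the caller should see the op's own error code. The commit message could also say that the kfree of ep is the only cleanup these two paths need, so a reader does not have to open the function to verify it.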
--
2.14.1


2017-12-13 21:02:54

by Boris Brezillon

Subject: Re: [PATCH] mtd: nand: fix memory leak on ep on error exit returns

Hi Colin,

On Wed, 13 Dec 2017 20:49:09 +0000
Colin King <[email protected]> wrote:

> From: Colin Ian King <[email protected]>
>
> There are two error return paths that are not kfree'ing ep that
> lead to memory leaks. Fix this by exiting on error via the
> ext_out exit path that performs the necessary kfree.

Well, given that no one implements the ->exec_op() hook yet, the
xxxx_op() functions always return 0 right now, but I agree, we
should fix the generic case.

>
> Detected by CoverityScan, CID#1462747 ("Resource Leak")
>
> Fixes: b83ea87958c5 ("mtd: nand: provide several helpers to do common NAND operations")
> Signed-off-by: Colin Ian King <[email protected]>

If you don't mind, I'd like to squash these changes in the original
commit.

Thanks,

Boris

> ---
> drivers/mtd/nand/nand_base.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/mtd/nand/nand_base.c b/drivers/mtd/nand/nand_base.c
> index eb810d5d44e7..1c5126d1db8c 100644
> --- a/drivers/mtd/nand/nand_base.c
> +++ b/drivers/mtd/nand/nand_base.c
> @@ -5046,14 +5046,14 @@ static int nand_flash_detect_ext_param_page(struct nand_chip *chip,
> /* Send our own NAND_CMD_PARAM. */
> ret = nand_read_param_page_op(chip, 0, NULL, 0);
> if (ret)
> - return ret;
> + goto ext_out;
>
> /* Use the Change Read Column command to skip the ONFI param pages. */
> ret = nand_change_read_column_op(chip,
> sizeof(*p) * p->num_of_param_pages,
> ep, len, true);
> if (ret)
> - return ret;
> + goto ext_out;
>
> ret = -EINVAL;
> if ((onfi_crc16(ONFI_CRC_BASE, ((uint8_t *)ep) + 2, len - 2)

2017-12-13 21:09:14

by Colin King

Subject: Re: [PATCH] mtd: nand: fix memory leak on ep on error exit returns

On 13/12/17 21:02, Boris Brezillon wrote:
> Hi Colin,
>
> On Wed, 13 Dec 2017 20:49:09 +0000
> Colin King <[email protected]> wrote:
>
>> From: Colin Ian King <[email protected]>
>>
>> There are two error return paths that are not kfree'ing ep that
>> lead to memory leaks. Fix this by exiting on error via the
>> ext_out exit path that performs the necessary kfree.
>
> Well, given that no one implements the ->exec_op() hook yet, the
> xxxx_op() functions always return 0 right now, but I agree, we
> should fix the generic case.
>
>>
>> Detected by CoverityScan, CID#1462747 ("Resource Leak")
>>
>> Fixes: b83ea87958c5 ("mtd: nand: provide several helpers to do common NAND operations")
>> Signed-off-by: Colin Ian King <[email protected]>
>
> If you don't mind, I'd like to squash these changes in the original
> commit.

Yep, no problem with squashing it.

Colin
>
> Thanks,
>
> Boris
>
>> ---
>> drivers/mtd/nand/nand_base.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/drivers/mtd/nand/nand_base.c b/drivers/mtd/nand/nand_base.c
>> index eb810d5d44e7..1c5126d1db8c 100644
>> --- a/drivers/mtd/nand/nand_base.c
>> +++ b/drivers/mtd/nand/nand_base.c
>> @@ -5046,14 +5046,14 @@ static int nand_flash_detect_ext_param_page(struct nand_chip *chip,
>> /* Send our own NAND_CMD_PARAM. */
>> ret = nand_read_param_page_op(chip, 0, NULL, 0);
>> if (ret)
>> - return ret;
>> + goto ext_out;
>>
>> /* Use the Change Read Column command to skip the ONFI param pages. */
>> ret = nand_change_read_column_op(chip,
>> sizeof(*p) * p->num_of_param_pages,
>> ep, len, true);
>> if (ret)
>> - return ret;
>> + goto ext_out;
>>
>> ret = -EINVAL;
>> if ((onfi_crc16(ONFI_CRC_BASE, ((uint8_t *)ep) + 2, len - 2)
>