2019-11-18 13:29:59

by Vincent Whitchurch

[permalink] [raw]
Subject: [PATCH 2/2] of: overlay: fix target_path memory leak

target_path is used as a temporary buffer in dup_and_fixup_symbol_prop()
and should be freed even in the success path.

This was detected by kmemleak.

unreferenced object 0x8598f6c0 (size 64):
backtrace:
__kmalloc_track_caller+0x17d/0x228
kvasprintf+0x2b/0x64
kasprintf+0x15/0x20
add_changeset_property+0x225/0x364
of_overlay_fdt_apply+0x42d/0x6b4
...

Fixes: e0a58f3e08d4b7fa ("of: overlay: remove a dependency on device node full_name")
Signed-off-by: Vincent Whitchurch <[email protected]>
---
drivers/of/overlay.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/drivers/of/overlay.c b/drivers/of/overlay.c
index 5f8869e2a8b3..59455322a130 100644
--- a/drivers/of/overlay.c
+++ b/drivers/of/overlay.c
@@ -261,6 +261,8 @@ static struct property *dup_and_fixup_symbol_prop(

of_property_set_flag(new_prop, OF_DYNAMIC);

+ kfree(target_path);
+
return new_prop;

err_free_new_prop:
--
2.20.0


2019-11-21 17:39:49

by Frank Rowand

[permalink] [raw]
Subject: Re: [PATCH 2/2] of: overlay: fix target_path memory leak

Hi Rob,

On 11/18/19 7:28 AM, Vincent Whitchurch wrote:
> target_path is used as a temporary buffer in dup_and_fixup_symbol_prop()
> and should be freed even in the success path.
>
> This was detected by kmemleak.
>
> unreferenced object 0x8598f6c0 (size 64):
> backtrace:
> __kmalloc_track_caller+0x17d/0x228
> kvasprintf+0x2b/0x64
> kasprintf+0x15/0x20
> add_changeset_property+0x225/0x364
> of_overlay_fdt_apply+0x42d/0x6b4
> ...
>
> Fixes: e0a58f3e08d4b7fa ("of: overlay: remove a dependency on device node full_name")
> Signed-off-by: Vincent Whitchurch <[email protected]>
> ---
> drivers/of/overlay.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/of/overlay.c b/drivers/of/overlay.c
> index 5f8869e2a8b3..59455322a130 100644
> --- a/drivers/of/overlay.c
> +++ b/drivers/of/overlay.c
> @@ -261,6 +261,8 @@ static struct property *dup_and_fixup_symbol_prop(
>
> of_property_set_flag(new_prop, OF_DYNAMIC);
>
> + kfree(target_path);
> +
> return new_prop;
>
> err_free_new_prop:
>

Reviewed-by: Frank Rowand <[email protected]>

I would suggest changing the subject to:

of: overlay: dup_and_fixup_symbol_prop() memory leak

but I am also fine with you not changing the subject.

-Frank