From: Markus Elfring <[email protected]>
Date: Thu, 28 Dec 2023 20:47:18 +0100
The kfree() function was called in up to two cases by
the v9fs_session_init() function during error handling
even if the passed variable contained a null pointer.
This issue was detected by using the Coccinelle software.
* Thus return directly after a call of the function “kstrdup” failed
at the beginning.
* Adjust jump targets.
* Delete an initialisation (for the variable “rc”)
which became unnecessary with this refactoring.
Signed-off-by: Markus Elfring <[email protected]>
---
fs/9p/v9fs.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/fs/9p/v9fs.c b/fs/9p/v9fs.c
index 61dbe52bb3a3..874a36303b72 100644
--- a/fs/9p/v9fs.c
+++ b/fs/9p/v9fs.c
@@ -392,15 +392,18 @@ struct p9_fid *v9fs_session_init(struct v9fs_session_info *v9ses,
const char *dev_name, char *data)
{
struct p9_fid *fid;
- int rc = -ENOMEM;
+ int rc;
v9ses->uname = kstrdup(V9FS_DEFUSER, GFP_KERNEL);
if (!v9ses->uname)
- goto err_names;
+ return ERR_PTR(-ENOMEM);
v9ses->aname = kstrdup(V9FS_DEFANAME, GFP_KERNEL);
- if (!v9ses->aname)
- goto err_names;
+ if (!v9ses->aname) {
+ rc = -ENOMEM;
+ goto free_uname;
+ }
+
init_rwsem(&v9ses->rename_sem);
v9ses->uid = INVALID_UID;
@@ -489,8 +492,9 @@ struct p9_fid *v9fs_session_init(struct v9fs_session_info *v9ses,
#endif
p9_client_destroy(v9ses->clnt);
err_names:
- kfree(v9ses->uname);
kfree(v9ses->aname);
+free_uname:
+ kfree(v9ses->uname);
return ERR_PTR(rc);
}
--
2.43.0
Markus Elfring wrote on Thu, Dec 28, 2023 at 09:01:49PM +0100:
> The kfree() function was called in up to two cases by
> the v9fs_session_init() function during error handling
> even if the passed variable contained a null pointer.
I don't see the problem in calling kfree on null things (especially on
error path).
The only bad pattern I see here is that it relies on implicit
knowledge that aname is null before the call (which is true because
v9fs_session_init is only called immediately after kzalloc); is that
what your coccinelle script was checking for?
Anyway, as far as I'm concerned this is more churn than it's worth, but
I'll defer to Eric if he wants to take it.
Thanks,
--
Dominique
>> The kfree() function was called in up to two cases by
>> the v9fs_session_init() function during error handling
>> even if the passed variable contained a null pointer.
>
> I don't see the problem in calling kfree on null things (especially on
> error path).
Will you become willing to reduce the number of redundant function calls
for improved exception handling?
Regards,
Markus