From: Xiaoke Wang <[email protected]>
In rtw_xmit_resource_alloc(), if usb_alloc_urb() fails, then the memory
`pxmitbuf->pallocated_buf` which is allocated by kzalloc() is not properly
released before returning.
So this patch adds kfree() on the above error path to release it. As there
is no proper device to test with, no runtime testing was performed.
Signed-off-by: Xiaoke Wang <[email protected]>
---
drivers/staging/r8188eu/core/rtw_xmit.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/staging/r8188eu/core/rtw_xmit.c b/drivers/staging/r8188eu/core/rtw_xmit.c
index 67f9c05..9c39d08 100644
--- a/drivers/staging/r8188eu/core/rtw_xmit.c
+++ b/drivers/staging/r8188eu/core/rtw_xmit.c
@@ -44,8 +44,10 @@ static int rtw_xmit_resource_alloc(struct adapter *padapter, struct xmit_buf *px
pxmitbuf->dma_transfer_addr = 0;
pxmitbuf->pxmit_urb = usb_alloc_urb(0, GFP_KERNEL);
- if (!pxmitbuf->pxmit_urb)
+ if (!pxmitbuf->pxmit_urb) {
+ kfree(pxmitbuf->pallocated_buf);
return _FAIL;
+ }
return _SUCCESS;
}
--
On 9/10/22 02:29, [email protected] wrote:
> From: Xiaoke Wang <[email protected]>
>
> In rtw_xmit_resource_alloc(), if usb_alloc_urb() fails, then the memory
> `pxmitbuf->pallocated_buf` which is allocated by kzalloc() is not properly
> released before returning.
>
> So this patch adds kfree() on the above error path to release it. As there
> is no proper device to test with, no runtime testing was performed.
>
> Signed-off-by: Xiaoke Wang <[email protected]>
> ---
> drivers/staging/r8188eu/core/rtw_xmit.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/staging/r8188eu/core/rtw_xmit.c b/drivers/staging/r8188eu/core/rtw_xmit.c
> index 67f9c05..9c39d08 100644
> --- a/drivers/staging/r8188eu/core/rtw_xmit.c
> +++ b/drivers/staging/r8188eu/core/rtw_xmit.c
> @@ -44,8 +44,10 @@ static int rtw_xmit_resource_alloc(struct adapter *padapter, struct xmit_buf *px
> pxmitbuf->dma_transfer_addr = 0;
>
> pxmitbuf->pxmit_urb = usb_alloc_urb(0, GFP_KERNEL);
> - if (!pxmitbuf->pxmit_urb)
> + if (!pxmitbuf->pxmit_urb) {
> + kfree(pxmitbuf->pallocated_buf);
> return _FAIL;
> + }
>
> return _SUCCESS;
> }
Hi Xiaoke,
I applied your patch and tested it. That is OK.
But you excluded the change history. Usually this is not accepted by
Greg. Reason is that what identifies the patch is the change itself. The
change itself is the same as: "[PATCH v4] staging: r8188eu: fix
potential memory leak in rtw_os_xmit_resource_alloc()" Even if you
change the Subject, Description and the branch it remains the same patch
for Greg.
Tested-by: Philipp Hortmann <[email protected]> # Edimax N150
On Sat, Sep 10, 2022 at 08:29:03AM +0200, Philipp Hortmann wrote:
> On 9/10/22 02:29, [email protected] wrote:
> > From: Xiaoke Wang <[email protected]>
> >
> > In rtw_xmit_resource_alloc(), if usb_alloc_urb() fails, then the memory
> > `pxmitbuf->pallocated_buf` which is allocated by kzalloc() is not properly
> > released before returning.
> >
> > So this patch adds kfree() on the above error path to release it. As there
> > is no proper device to test with, no runtime testing was performed.
> >
> > Signed-off-by: Xiaoke Wang <[email protected]>
> > ---
> > drivers/staging/r8188eu/core/rtw_xmit.c | 4 +++-
> > 1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/staging/r8188eu/core/rtw_xmit.c b/drivers/staging/r8188eu/core/rtw_xmit.c
> > index 67f9c05..9c39d08 100644
> > --- a/drivers/staging/r8188eu/core/rtw_xmit.c
> > +++ b/drivers/staging/r8188eu/core/rtw_xmit.c
> > @@ -44,8 +44,10 @@ static int rtw_xmit_resource_alloc(struct adapter *padapter, struct xmit_buf *px
> > pxmitbuf->dma_transfer_addr = 0;
> > pxmitbuf->pxmit_urb = usb_alloc_urb(0, GFP_KERNEL);
> > - if (!pxmitbuf->pxmit_urb)
> > + if (!pxmitbuf->pxmit_urb) {
> > + kfree(pxmitbuf->pallocated_buf);
> > return _FAIL;
> > + }
> > return _SUCCESS;
> > }
>
> Hi Xiaoke,
>
> I applied your patch and tested it. That is OK.
>
> But you excluded the change history. Usually this is not accepted by Greg.
> Reason is that what identifies the patch is the change itself. The change
> itself is the same as: "[PATCH v4] staging: r8188eu: fix potential memory
> leak in rtw_os_xmit_resource_alloc()" Even if you change the Subject,
> Description and the branch it remains the same patch for Greg.
Agreed, please fix up.
thanks,
greg k-h