Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp2588958pxb; Fri, 29 Oct 2021 04:39:05 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwVfbDKsvHgHTin7lphgUL8mnHH2GRoviyu0MJ5zyEVsH/l4VR5XHbeilUb+pUuRXQ0Pmmp X-Received: by 2002:a17:906:d554:: with SMTP id cr20mr13522402ejc.406.1635507545221; Fri, 29 Oct 2021 04:39:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635507545; cv=none; d=google.com; s=arc-20160816; b=dtHD7AKMISXWxPOix8mfmAGdWLPrWwJlhEf0Xs6L/EX94lbGCFkwHfN+tnC/ijmrGM /eRda35k5Od8DHm/OmZrm4MZ1nKdaxYZ5pEOPr7qkxyW8iqRnsPoh9D5mTKZpbwKa3zM Y/9bimLqt9Evl2Nc8iXAX3zcLMtgoeL6KZk9bYh0bwMTorPiPWFJiTQAYA6Hx0HVbPtI pQCITtwh5WXQfPahrBw4vhCPL4yMEtktMrBbBj6oiZZZf96yBfALt/EYY4qA4noTU1vJ OcnuONGTW2fNeo/XSImjMeJ3EO9OZ8IR36fCwPL83fFP0KeRrCQf04WpjnWcD2pxsm2B VVeA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=UM3k5C+oQDy6TBYsdJyo57vyg53gJhpgOeaSOZx7Cl4=; b=ryDSVod+NjsIp93GpckgguFg0ljzKm4yi8VQJxInISy/W3Igd5Cn7IIFzzsC1xYnFC 3zc1GYxroBnzJD376XMcMNsyVRayF+9N1ohx5H5JBonuMitx7ZhfoJStxeRNLUsIWoVZ JPvk2t3Jn15zHLu0VlCgJDZH2+GuUW+KOcmgZ6gfYdoDPyNpP29seb0vkK8qFgAlPepG Pj1LGt2vEN1WgFejMsrEY0NSloPlrgfIlGH2S4feFusfxMFEv36EavD5ZcA4Q089cmiU qNEO/HvQJZ6rnJZMt7OoJJlcVoOoZ8TURAlaJ9+nK9C30fQcqVKYjCtaV6MJiqJEbr8f Kvlg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id mp5si11052675ejc.271.2021.10.29.04.38.41; Fri, 29 Oct 2021 04:39:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231942AbhJ2Lgu (ORCPT + 99 others); Fri, 29 Oct 2021 07:36:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33236 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231948AbhJ2Lgt (ORCPT ); Fri, 29 Oct 2021 07:36:49 -0400 Received: from metis.ext.pengutronix.de (metis.ext.pengutronix.de [IPv6:2001:67c:670:201:290:27ff:fe1d:cc33]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A085EC061570 for ; Fri, 29 Oct 2021 04:34:21 -0700 (PDT) Received: from gallifrey.ext.pengutronix.de ([2001:67c:670:201:5054:ff:fe8d:eefb] helo=bjornoya.blackshift.org) by metis.ext.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mgQ9B-0004ym-Nn; Fri, 29 Oct 2021 13:34:09 +0200 Received: from pengutronix.de (2a03-f580-87bc-d400-e533-710f-3fbf-10c2.ip6.dokom21.de [IPv6:2a03:f580:87bc:d400:e533:710f:3fbf:10c2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: mkl-all@blackshift.org) by smtp.blackshift.org (Postfix) with ESMTPSA id 339986A0970; Fri, 29 Oct 2021 11:34:06 +0000 (UTC) Date: Fri, 29 Oct 2021 13:34:05 +0200 From: Marc Kleine-Budde To: Vincent Mailhol Cc: linux-can@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Matt Kline , Sean Nyekjaer , Chandrasekar Ramakrishnan Subject: Re: [RFC PATCH v1] can: m_can: m_can_read_fifo: fix memory leak in error branch Message-ID: <20211029113405.hbqcu6chf5e3olrm@pengutronix.de> References: <20211026180909.1953355-1-mailhol.vincent@wanadoo.fr> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="lmadwv6kox6viphu" Content-Disposition: inline In-Reply-To: <20211026180909.1953355-1-mailhol.vincent@wanadoo.fr> X-SA-Exim-Connect-IP: 2001:67c:670:201:5054:ff:fe8d:eefb X-SA-Exim-Mail-From: mkl@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: linux-kernel@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --lmadwv6kox6viphu Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 27.10.2021 03:09:09, Vincent Mailhol wrote: > In m_can_read_fifo(), if the second call to m_can_fifo_read() fails, > the function jump to the out_fail label and returns without calling > m_can_receive_skb(). This means that the skb previously allocated by > alloc_can_skb() is not freed. In other terms, this is a memory leak. >=20 > This patch adds a new goto statement: out_receive_skb and do some > small code refactoring to fix the issue. This means we pass a skb to the user space, which contains wrong data. Probably 0x0, but if the CAN frame doesn't contain 0x0, it's wrong. That doesn't look like a good idea. If the CAN frame broke due to a CRC issue on the wire it is not received. IMHO it's best to discard the skb and return the error. Marc --=20 Pengutronix e.K. | Marc Kleine-Budde | Embedded Linux | https://www.pengutronix.de | Vertretung West/Dortmund | Phone: +49-231-2826-924 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | --lmadwv6kox6viphu Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEK3kIWJt9yTYMP3ehqclaivrt76kFAmF73CoACgkQqclaivrt 76lx8Af/dk/tZ39vAPhTsRy6i6hVimJK8nwFFk43d98GcPjGHyb2tqrRO9ePCB2p ekFqT90SzuqplPNhMm/Up9t8NnAAHYzymBXgwcldv/tT+Cm61AAz08ku9NH9tpe2 hX/STgDOwxJYnKSPc2XkDjm4ZQr7Hu9gTeCbZR9RFGIg/mgha2nJvOkYOPyQj+6X HdOvSBNCumahuAAQB881jdbVc5FPbC9TIkKdZDy2WPJWDJA2DN5QfXZpzCte6xDU 9fYwBWQSMX88o9IREvoYfUieuf5uw4g4xKVRCJYHHfAjreyy8g0dS7N6MqeFzVk6 LK7/lDDNFL+WdGkPGpC4liom4wpe4Q== =vVSG -----END PGP SIGNATURE----- --lmadwv6kox6viphu--