Hello,
I see memory leak which was introduced in commit f8619bef3406a2134082dc41c208105fe028c09f:
attrib: Fix not checking if att_data_list_alloc fails
It returns (in src/attrib-server.c) from functions when adl local variable is NULL but
it doesn't free local variables (read_by_group: group; read_by_type: type; find_info: info).
The patch is very easy but I can't test it with head so I don't want to send possible
crapy patch.
Luf
Hi Ludek,
On Thu, Oct 18, 2012, Ludek Finstrle wrote:
> Fix for memory leak which was introduced in commit
> f8619bef3406a2134082dc41c208105fe028c09f.
> I tested it with older bluez and rebase for git. Please review it.
> ---
> src/attrib-server.c | 12 +++++++++---
> 1 files changed, 9 insertions(+), 3 deletions(-)
Applied (with the last commit message line removed as suggested by
Vinicius). Thanks.
Johan
Hi,
On 10:39 Thu 18 Oct, Ludek Finstrle wrote:
> Fix for memory leak which was introduced in commit f8619bef3406a2134082dc41c208105fe028c09f.
> I tested it with older bluez and rebase for git. Please review it.
Patch looks good. I would just re-send it without the last line in the
commit message.
But anyway, here's my Ack.
>
> ---
> src/attrib-server.c | 12 +++++++++---
> 1 files changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/src/attrib-server.c b/src/attrib-server.c
> index ea27b13..4489edc 100644
> --- a/src/attrib-server.c
> +++ b/src/attrib-server.c
> @@ -490,9 +490,11 @@ static uint16_t read_by_group(struct gatt_channel *channel, uint16_t start,
> length = g_slist_length(groups);
>
> adl = att_data_list_alloc(length, last_size + 4);
> - if (adl == NULL)
> + if (adl == NULL) {
> + g_slist_free_full(groups, g_free);
> return enc_error_resp(ATT_OP_READ_BY_GROUP_REQ, start,
> ATT_ECODE_UNLIKELY, pdu, len);
> + }
>
> for (i = 0, l = groups; l; l = l->next, i++) {
> uint8_t *value;
> @@ -577,9 +579,11 @@ static uint16_t read_by_type(struct gatt_channel *channel, uint16_t start,
> length += 2;
>
> adl = att_data_list_alloc(num, length);
> - if (adl == NULL)
> + if (adl == NULL) {
> + g_slist_free(types);
> return enc_error_resp(ATT_OP_READ_BY_TYPE_REQ, start,
> ATT_ECODE_UNLIKELY, pdu, len);
> + }
>
> for (i = 0, l = types; l; i++, l = l->next) {
> uint8_t *value;
> @@ -655,9 +659,11 @@ static uint16_t find_info(struct gatt_channel *channel, uint16_t start,
> }
>
> adl = att_data_list_alloc(num, length + 2);
> - if (adl == NULL)
> + if (adl == NULL) {
> + g_slist_free(info);
> return enc_error_resp(ATT_OP_FIND_INFO_REQ, start,
> ATT_ECODE_UNLIKELY, pdu, len);
> + }
>
> for (i = 0, l = info; l; i++, l = l->next) {
> uint8_t *value;
> --
> 1.7.1
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
Cheers,
--
Vinicius
Fix for memory leak which was introduced in commit f8619bef3406a2134082dc41c208105fe028c09f.
I tested it with older bluez and rebase for git. Please review it.
---
src/attrib-server.c | 12 +++++++++---
1 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/attrib-server.c b/src/attrib-server.c
index ea27b13..4489edc 100644
--- a/src/attrib-server.c
+++ b/src/attrib-server.c
@@ -490,9 +490,11 @@ static uint16_t read_by_group(struct gatt_channel *channel, uint16_t start,
length = g_slist_length(groups);
adl = att_data_list_alloc(length, last_size + 4);
- if (adl == NULL)
+ if (adl == NULL) {
+ g_slist_free_full(groups, g_free);
return enc_error_resp(ATT_OP_READ_BY_GROUP_REQ, start,
ATT_ECODE_UNLIKELY, pdu, len);
+ }
for (i = 0, l = groups; l; l = l->next, i++) {
uint8_t *value;
@@ -577,9 +579,11 @@ static uint16_t read_by_type(struct gatt_channel *channel, uint16_t start,
length += 2;
adl = att_data_list_alloc(num, length);
- if (adl == NULL)
+ if (adl == NULL) {
+ g_slist_free(types);
return enc_error_resp(ATT_OP_READ_BY_TYPE_REQ, start,
ATT_ECODE_UNLIKELY, pdu, len);
+ }
for (i = 0, l = types; l; i++, l = l->next) {
uint8_t *value;
@@ -655,9 +659,11 @@ static uint16_t find_info(struct gatt_channel *channel, uint16_t start,
}
adl = att_data_list_alloc(num, length + 2);
- if (adl == NULL)
+ if (adl == NULL) {
+ g_slist_free(info);
return enc_error_resp(ATT_OP_FIND_INFO_REQ, start,
ATT_ECODE_UNLIKELY, pdu, len);
+ }
for (i = 0, l = info; l; i++, l = l->next) {
uint8_t *value;
--
1.7.1
Hi Ludek,
On Wed, Oct 17, 2012 at 9:49 AM, Ludek Finstrle <[email protected]> wrote:
> Hello,
>
> I see memory leak which was introduced in commit f8619bef3406a2134082dc41c208105fe028c09f:
> attrib: Fix not checking if att_data_list_alloc fails
>
> It returns (in src/attrib-server.c) from functions when adl local variable is NULL but
> it doesn't free local variables (read_by_group: group; read_by_type: type; find_info: info).
>
> The patch is very easy but I can't test it with head so I don't want to send possible
> crapy patch.
Please feel free to send it marked as RFC on the subject (e.g. "[RFC]
bla bla") and rebased against master, so we can review the fix.
Best Regards,
--
Anderson Lizardo
Instituto Nokia de Tecnologia - INdT
Manaus - Brazil
Hi Luf,
On 14:49 Wed 17 Oct, Ludek Finstrle wrote:
> Hello,
>
> I see memory leak which was introduced in commit f8619bef3406a2134082dc41c208105fe028c09f:
> attrib: Fix not checking if att_data_list_alloc fails
>
> It returns (in src/attrib-server.c) from functions when adl local variable is NULL but
> it doesn't free local variables (read_by_group: group; read_by_type: type; find_info: info).
Thanks a lot for the report.
Ugh, I will fix it.
>
> The patch is very easy but I can't test it with head so I don't want to send possible
> crapy patch.
>
> Luf
> --
> To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
Cheers,
--
Vinicius