[PATCH] dt-ops: fix memory leak when new_node malloc fails

Mon Nov 30 22:11:05 EST 2020

On 2020/12/1 00:39, Simon Horman wrote:
>On Mon, Nov 30, 2020 at 02:41:56PM +0800, qiuguorui1 wrote:
>> In function dtb_set_property, when malloc new_node fails,
>> we need to free new_dtb before return.
>> 
>> Fixes: f56cbcf4c2766 ("kexec/dt-ops.c: Fix '/chosen' v/s 'chosen' node
>> being passed to fdt helper functions")
>> Signed-off-by: qiuguorui1 <qiuguorui1 at huawei.com>
>> ---
>>  kexec/dt-ops.c | 1 +
>>  1 file changed, 1 insertion(+)
>> 
>> diff --git a/kexec/dt-ops.c b/kexec/dt-ops.c
>> index dd2feaa..cc5feae 100644
>> --- a/kexec/dt-ops.c
>> +++ b/kexec/dt-ops.c
>> @@ -89,6 +89,7 @@ int dtb_set_property(char **dtb, off_t *dtb_size, const char *node,
>>  	new_node = malloc(strlen("/") + strlen(node) + 1);
>>  	if (!new_node) {
>>  		dbgprintf("%s: malloc failed\n", __func__);
>> +		free(new_dtb);
>
>Can we use the goto idiom here,
>as is used elsewhere in this function?
Sure! Thanks for your advice,I will send a v2 patch soon.
>>  		return -ENOMEM;
>>  	}
>>  
>> -- 
>> 2.12.3

-----邮件原件-----
发件人: Simon Horman [mailto:horms at verge.net.au] 
发送时间: 2020年12月1日 0:39
收件人: qiuguorui <qiuguorui1 at huawei.com>
抄送: kexec at lists.infradead.org; bhsharma at redhat.com; Liyou (leeyou, RTOS) <leeyou.li at huawei.com>; Zengweilin <zengweilin at huawei.com>
主题: Re: [PATCH] dt-ops: fix memory leak when new_node malloc fails

On Mon, Nov 30, 2020 at 02:41:56PM +0800, qiuguorui1 wrote:
> In function dtb_set_property, when malloc new_node fails,
> we need to free new_dtb before return.
> 
> Fixes: f56cbcf4c2766 ("kexec/dt-ops.c: Fix '/chosen' v/s 'chosen' node
> being passed to fdt helper functions")
> Signed-off-by: qiuguorui1 <qiuguorui1 at huawei.com>
> ---
>  kexec/dt-ops.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/kexec/dt-ops.c b/kexec/dt-ops.c
> index dd2feaa..cc5feae 100644
> --- a/kexec/dt-ops.c
> +++ b/kexec/dt-ops.c
> @@ -89,6 +89,7 @@ int dtb_set_property(char **dtb, off_t *dtb_size, const char *node,
>  	new_node = malloc(strlen("/") + strlen(node) + 1);
>  	if (!new_node) {
>  		dbgprintf("%s: malloc failed\n", __func__);
> +		free(new_dtb);

Can we use the goto idiom here,
as is used elsewhere in this function?

>  		return -ENOMEM;
>  	}
>  
> -- 
> 2.12.3
> 
> 
> _______________________________________________
> kexec mailing list
> kexec at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/kexec
> 