Kernel memleak in jffs2_erase_block() (fs/jffs2/erase.c:78)
Joakim Tjernlund
joakim.tjernlund at transmode.se
Mon Nov 12 10:30:50 EST 2007
On Mon, 2007-11-12 at 13:28 +0100, Jörn Engel wrote:
> On Mon, 12 November 2007 13:39:02 +0300, Damir Shayhutdinov wrote:
> >
> > I'm studying JFFS2 code now, and I believe I've found a kernel memory leak.
> >
> > fs/jffs2/erase.c:
> >
> > 76 ret = c->mtd->erase(c->mtd, instr);
> > 77 if (!ret)
> > 78 return;
> >
> > In case of ret == 0 (erase succeeded), line 78 leaves the function
> > jffs2_erase_block without kfree-ing previously kmalloc-ed pointer
> > instr (line 50).
> >
> > So, sizeof(struct erase_info) + sizeof(struct erase_priv_struct) bytes
> > are leaking each time block is erased successfully.
>
> Makes 64 Bytes, including kmalloc overhead. On every successful erase.
> David, please apply.
>
> Jörn
Eeh, what about jffs2_erase_callback() as posted previously?