We are allocating memory for the v4l2 flash configuration structure and leak it in the normal path. Just use the stack for this as we do not use it outside of this function.
Fixes: 2870b52bae4c ("greybus: lights: add lights implementation") Reported-by: Sakari Ailus sakari.ailus@linux.intel.com Signed-off-by: Rui Miguel Silva rmfrfs@gmail.com --- drivers/staging/greybus/light.c | 29 +++++++++-------------------- 1 file changed, 9 insertions(+), 20 deletions(-)
diff --git a/drivers/staging/greybus/light.c b/drivers/staging/greybus/light.c index 861a249e6ef1..81058cc3c775 100644 --- a/drivers/staging/greybus/light.c +++ b/drivers/staging/greybus/light.c @@ -534,25 +534,20 @@ static int gb_lights_light_v4l2_register(struct gb_light *light) { struct gb_connection *connection = get_conn_from_light(light); struct device *dev = &connection->bundle->dev; - struct v4l2_flash_config *sd_cfg; + struct v4l2_flash_config sd_cfg = { {0} }; struct led_classdev_flash *fled; struct led_classdev_flash *iled = NULL; struct gb_channel *channel_torch, *channel_ind, *channel_flash; - int ret = 0; - - sd_cfg = kcalloc(1, sizeof(*sd_cfg), GFP_KERNEL); - if (!sd_cfg) - return -ENOMEM;
channel_torch = get_channel_from_mode(light, GB_CHANNEL_MODE_TORCH); if (channel_torch) __gb_lights_channel_v4l2_config(&channel_torch->intensity_uA, - &sd_cfg->torch_intensity); + &sd_cfg.torch_intensity);
channel_ind = get_channel_from_mode(light, GB_CHANNEL_MODE_INDICATOR); if (channel_ind) { __gb_lights_channel_v4l2_config(&channel_ind->intensity_uA, - &sd_cfg->indicator_intensity); + &sd_cfg.indicator_intensity); iled = &channel_ind->fled; }
@@ -561,27 +556,21 @@ static int gb_lights_light_v4l2_register(struct gb_light *light)
fled = &channel_flash->fled;
- snprintf(sd_cfg->dev_name, sizeof(sd_cfg->dev_name), "%s", light->name); + snprintf(sd_cfg.dev_name, sizeof(sd_cfg.dev_name), "%s", light->name);
/* Set the possible values to faults, in our case all faults */ - sd_cfg->flash_faults = LED_FAULT_OVER_VOLTAGE | LED_FAULT_TIMEOUT | + sd_cfg.flash_faults = LED_FAULT_OVER_VOLTAGE | LED_FAULT_TIMEOUT | LED_FAULT_OVER_TEMPERATURE | LED_FAULT_SHORT_CIRCUIT | LED_FAULT_OVER_CURRENT | LED_FAULT_INDICATOR | LED_FAULT_UNDER_VOLTAGE | LED_FAULT_INPUT_VOLTAGE | LED_FAULT_LED_OVER_TEMPERATURE;
light->v4l2_flash = v4l2_flash_init(dev, NULL, fled, iled, - &v4l2_flash_ops, sd_cfg); - if (IS_ERR_OR_NULL(light->v4l2_flash)) { - ret = PTR_ERR(light->v4l2_flash); - goto out_free; - } + &v4l2_flash_ops, &sd_cfg); + if (IS_ERR_OR_NULL(light->v4l2_flash)) + return PTR_ERR(light->v4l2_flash);
- return ret; - -out_free: - kfree(sd_cfg); - return ret; + return 0; }
static void gb_lights_light_v4l2_unregister(struct gb_light *light)
On 02-08-17, 17:52, Rui Miguel Silva wrote:
We are allocating memory for the v4l2 flash configuration structure and leak it in the normal path. Just use the stack for this as we do not use it outside of this function.
Fixes: 2870b52bae4c ("greybus: lights: add lights implementation") Reported-by: Sakari Ailus sakari.ailus@linux.intel.com Signed-off-by: Rui Miguel Silva rmfrfs@gmail.com
drivers/staging/greybus/light.c | 29 +++++++++-------------------- 1 file changed, 9 insertions(+), 20 deletions(-)
It isn't a really big structure, so allocating on stack should be fine.
Reviewed-by: Viresh Kumar viresh.kumar@linaro.org
Hi Rui and Johan,
On 08/02/17 19:52, Rui Miguel Silva wrote:
We are allocating memory for the v4l2 flash configuration structure and leak it in the normal path. Just use the stack for this as we do not use it outside of this function.
Fixes: 2870b52bae4c ("greybus: lights: add lights implementation") Reported-by: Sakari Ailus sakari.ailus@linux.intel.com Signed-off-by: Rui Miguel Silva rmfrfs@gmail.com
My apologies for missing sending the original patch to the appropriate recipients the first time.
Could I take this through the mediatree? The second patch in the original set now depends on this one. I'll cc you the second patch as well, it will need updates.
Hi Sakari, On Wed, Aug 09, 2017 at 12:14:17PM +0300, Sakari Ailus wrote:
Hi Rui and Johan,
On 08/02/17 19:52, Rui Miguel Silva wrote:
We are allocating memory for the v4l2 flash configuration structure and leak it in the normal path. Just use the stack for this as we do not use it outside of this function.
Fixes: 2870b52bae4c ("greybus: lights: add lights implementation") Reported-by: Sakari Ailus sakari.ailus@linux.intel.com Signed-off-by: Rui Miguel Silva rmfrfs@gmail.com
My apologies for missing sending the original patch to the appropriate recipients the first time.
No problem, this kind of things happens.
Could I take this through the mediatree?
For me that's fine, since you need this for your other patch. please add the reviewed-by tag from Viresh.
The second patch in the original set now depends on this one. I'll cc you the second patch as well, it will need updates.
Thanks, I will review the changes to greybus light then.
--- Cheers, Rui
-
Rui Miguel Silva -
Sakari Ailus -
Viresh Kumar