From: Xidong Wang 2711406067@qq.com
In function fbtft_framebuffer_alloc(), the memory allocated by framebuffer_alloc() is not released on the error path that txbuflen > 0 and txbuf, which holds the return value of devm_kzalloc(), is NULL. This will result in a memory leak bug.
Signed-off-by: Xidong Wang 2711406067@qq.com --- drivers/staging/fbtft/fbtft-core.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/drivers/staging/fbtft/fbtft-core.c b/drivers/staging/fbtft/fbtft-core.c index 0e36b66..e92771e 100644 --- a/drivers/staging/fbtft/fbtft-core.c +++ b/drivers/staging/fbtft/fbtft-core.c @@ -836,7 +836,7 @@ struct fb_info *fbtft_framebuffer_alloc(struct fbtft_display *display, if (txbuflen > 0) { txbuf = devm_kzalloc(par->info->device, txbuflen, GFP_KERNEL); if (!txbuf) - goto alloc_fail; + goto err_info; par->txbuf.buf = txbuf; par->txbuf.len = txbuflen; } @@ -872,6 +872,9 @@ struct fb_info *fbtft_framebuffer_alloc(struct fbtft_display *display,
return info;
+err_info: + framebuffer_release(info); + alloc_fail: vfree(vmem);
On Tue, 2018-04-03 at 21:33 +0800, Xidong Wang wrote:
From: Xidong Wang 2711406067@qq.com
In function fbtft_framebuffer_alloc(), the memory allocated by framebuffer_alloc() is not released on the error path that txbuflen > 0 and txbuf, which holds the return value of devm_kzalloc(), is NULL. This will result in a memory leak bug.
[]
diff --git a/drivers/staging/fbtft/fbtft-core.c b/drivers/staging/fbtft/fbtft-core.c
[]
@@ -836,7 +836,7 @@ struct fb_info *fbtft_framebuffer_alloc(struct fbtft_display *display, if (txbuflen > 0) { txbuf = devm_kzalloc(par->info->device, txbuflen, GFP_KERNEL); if (!txbuf)
goto alloc_fail;
goto err_info;@@ -872,6 +872,9 @@ struct fb_info *fbtft_framebuffer_alloc(struct fbtft_display *display, return info; +err_info:
- framebuffer_release(info);
alloc_fail: vfree(vmem);
What about the
if (par->gamma.curves && gamma) { if (fbtft_gamma_parse_str(par, par->gamma.curves, gamma, strlen(gamma))) goto alloc_fail; }
a little above this?
Presumable then it should goto err_info too.
Hi,
[This is an automated email]
This commit has been processed by the -stable helper bot and determined to be a high probability candidate for -stable trees. (score: 7.6999)
The bot has tested the following trees: v4.16, v4.15.15, v4.14.32, v4.9.92, v4.4.126.
v4.16: Build OK! v4.15.15: Build OK! v4.14.32: Build OK! v4.9.92: Build OK! v4.4.126: Build OK!
Please let us know if you'd like to have this patch included in a stable tree.
-- Thanks, Sasha
linux-stable-mirror@lists.linaro.org
-
Joe Perches -
Sasha Levin -
Xidong Wang