Re: [PATCH] drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 25 Nov 2022, Xia Fukun <xiafukun@xxxxxxxxxx> wrote:
> When (size != 0 || ptrs->lvds_ entries != 3), the program tries to
> free() the ptrs. However, the ptrs is not created by calling kzmalloc(),
> but is obtained by pointer offset operation.
> This may lead to memory leaks or undefined behavior.

Yeah probably worse things will happen than just leak.

>
> Fix this by replacing the arguments of kfree() with ptrs_block.
>
> Fixes: a87d0a847607 ("drm/i915/bios: Generate LFP data table pointers if the VBT lacks them")
> Signed-off-by: Xia Fukun <xiafukun@xxxxxxxxxx>

Reviewed-by: Jani Nikula <jani.nikula@xxxxxxxxx>

> ---
>  drivers/gpu/drm/i915/display/intel_bios.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/gpu/drm/i915/display/intel_bios.c b/drivers/gpu/drm/i915/display/intel_bios.c
> index 28bdb936cd1f..edbdb949b6ce 100644
> --- a/drivers/gpu/drm/i915/display/intel_bios.c
> +++ b/drivers/gpu/drm/i915/display/intel_bios.c
> @@ -414,7 +414,7 @@ static void *generate_lfp_data_ptrs(struct drm_i915_private *i915,
>  		ptrs->lvds_entries++;
>  
>  	if (size != 0 || ptrs->lvds_entries != 3) {
> -		kfree(ptrs);
> +		kfree(ptrs_block);
>  		return NULL;
>  	}

-- 
Jani Nikula, Intel Open Source Graphics Center



[Index of Archives]     [Linux DRI Users]     [Linux Intel Graphics]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [XFree86]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux