Hi Dan,
On Fri, Jun 26, 2015 at 12:00:22PM +0300, Dan Carpenter wrote:
> The patch e73f61e41f3b: "kvm: irqchip: Break up high order
> allocations of kvm_irq_routing_table" from May 8, 2015, leads to the
> following static checker warning:
> 215 r = -EINVAL;
> 216 if (ue->flags)
> 217 goto out;
> ^^^^^^^^
> Leaked here. Move in front of the allocation?
Right, this is a potential leak, thanks for the report. The patch below
should fix it:
>From 14abe455d04f7208a16237a2f1321fd5e5c5d115 Mon Sep 17 00:00:00 2001
From: Joerg Roedel <jroedel@xxxxxxx>
Date: Fri, 26 Jun 2015 18:02:47 +0200
Subject: [PATCH] kvm: irqchip: Fix possible memory leak in
kvm_set_irq_routing()
If ue->flags field is checked after the allocation of the
kvm_kernel_irq_routing_entry, it will be leaked if the check
succeeds. Do the check before the allocation instead to
avoid this leak.
Reported-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
Fixes: e73f61e41f3b: "kvm: irqchip: Break up high order allocations of kvm_irq_routing_table"
Signed-off-by: Joerg Roedel <jroedel@xxxxxxx>
---
virt/kvm/irqchip.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/virt/kvm/irqchip.c b/virt/kvm/irqchip.c
index 21c1424..239f4ec 100644
--- a/virt/kvm/irqchip.c
+++ b/virt/kvm/irqchip.c
@@ -207,14 +207,15 @@ int kvm_set_irq_routing(struct kvm *kvm,
for (i = 0; i < nr; ++i) {
struct kvm_kernel_irq_routing_entry *e;
+ r = -EINVAL;
+ if (ue->flags)
+ goto out;
+
r = -ENOMEM;
e = kzalloc(sizeof(*e), GFP_KERNEL);
if (!e)
goto out;
- r = -EINVAL;
- if (ue->flags)
- goto out;
r = setup_routing_entry(new, e, ue);
if (r)
goto out;
--
1.8.4.5
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
