Bjørn Mork <bjorn@xxxxxxx> writes: > commit 98cb7e44 ([SCSI] megaraid_sas: Sanity check user > supplied length before passing it to dma_alloc_coherent()) > introduced a memory leak. Memory allocated for entries > following zero length SGL entries will not be freed. > > Reference: http://bugs.debian.org/688198 > Cc: <stable@xxxxxxxxxxxxxxx> > Signed-off-by: Bjørn Mork <bjorn@xxxxxxx> > --- > drivers/scsi/megaraid/megaraid_sas_base.c | 10 ++++++---- > 1 file changed, 6 insertions(+), 4 deletions(-) > > diff --git a/drivers/scsi/megaraid/megaraid_sas_base.c b/drivers/scsi/megaraid/megaraid_sas_base.c > index d2c5366..12b6be4 100644 > --- a/drivers/scsi/megaraid/megaraid_sas_base.c > +++ b/drivers/scsi/megaraid/megaraid_sas_base.c > @@ -4854,10 +4854,12 @@ megasas_mgmt_fw_ioctl(struct megasas_instance *instance, > sense, sense_handle); > } > > - for (i = 0; i < ioc->sge_count && kbuff_arr[i]; i++) { > - dma_free_coherent(&instance->pdev->dev, > - kern_sge32[i].length, > - kbuff_arr[i], kern_sge32[i].phys_addr); > + for (i = 0; i < ioc->sge_count; i++) { > + if (kbuff_arr[i]) > + dma_free_coherent(&instance->pdev->dev, > + kern_sge32[i].length, > + kbuff_arr[i], > + kern_sge32[i].phys_addr); > } > > megasas_return_cmd(instance, cmd); This patch was acked by Adam Radford 4 Dec 2012: http://permalink.gmane.org/gmane.linux.kernel.stable/36537 but it looks like it got lost somewhere after that. Please let me know asap if it should be resent. I'm otherwise going to clean it out of my todo queue. Bjørn -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html