Commit caee5e30 authored by Vitaly Kuznetsov's avatar Vitaly Kuznetsov Committed by Tim Gardner

PCI: hv: Don't leak buffer in hv_pci_onchannelcallback()

BugLink: http://bugs.launchpad.net/bugs/1616677

We don't free buffer on several code paths in hv_pci_onchannelcallback(),
put kfree() to the end of the function to fix the issue.  Direct { kfree();
return; } can now be replaced with a simple 'break';
Signed-off-by: default avatarVitaly Kuznetsov <vkuznets@redhat.com>
Signed-off-by: default avatarBjorn Helgaas <bhelgaas@google.com>
Acked-by: default avatarJake Oshins <jakeo@microsoft.com>
(cherry picked from commit 60fcdac8)
Signed-off-by: default avatarTim Gardner <tim.gardner@canonical.com>
Acked-by: default avatarBrad Figg <brad.figg@canonical.com>
Acked-by: default avatarKamal Mostafa <kamal@canonical.com>
parent 550163bc
...@@ -1661,10 +1661,8 @@ static void hv_pci_onchannelcallback(void *context) ...@@ -1661,10 +1661,8 @@ static void hv_pci_onchannelcallback(void *context)
* All incoming packets must be at least as large as a * All incoming packets must be at least as large as a
* response. * response.
*/ */
if (bytes_recvd <= sizeof(struct pci_response)) { if (bytes_recvd <= sizeof(struct pci_response))
kfree(buffer); break;
return;
}
desc = (struct vmpacket_descriptor *)buffer; desc = (struct vmpacket_descriptor *)buffer;
switch (desc->type) { switch (desc->type) {
...@@ -1679,8 +1677,7 @@ static void hv_pci_onchannelcallback(void *context) ...@@ -1679,8 +1677,7 @@ static void hv_pci_onchannelcallback(void *context)
comp_packet->completion_func(comp_packet->compl_ctxt, comp_packet->completion_func(comp_packet->compl_ctxt,
response, response,
bytes_recvd); bytes_recvd);
kfree(buffer); break;
return;
case VM_PKT_DATA_INBAND: case VM_PKT_DATA_INBAND:
...@@ -1729,6 +1726,8 @@ static void hv_pci_onchannelcallback(void *context) ...@@ -1729,6 +1726,8 @@ static void hv_pci_onchannelcallback(void *context)
} }
break; break;
} }
kfree(buffer);
} }
/** /**
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment