Commit a809dda0 authored by Julia Lawall's avatar Julia Lawall Committed by Jiri Kosina

HID: fix memory leak on error patch in debug code

Error handling code following a kzalloc should free the allocated data.

The semantic match that finds the problem is as follows:
(http://www.emn.fr/x-info/coccinelle/)

// <smpl>
@r exists@
local idexpression x;
statement S;
expression E;
identifier f,f1,l;
position p1,p2;
expression *ptr != NULL;
@@

x@p1 = \(kmalloc\|kzalloc\|kcalloc\)(...);
...
if (x == NULL) S
<... when != x
     when != if (...) { <+...x...+> }
(
x->f1 = E
|
 (x->f1 == NULL || ...)
|
 f(...,x->f1,...)
)
...>
(
 return \(0\|<+...x...+>\|ptr\);
|
 return@p2 ...;
)

@script:python@
p1 << r.p1;
p2 << r.p2;
@@

print "* file: %s kmalloc %s return %s" % (p1[0].file,p1[0].line,p2[0].line)
// </smpl>
Signed-off-by: default avatarJulia Lawall <julia@diku.dk>
Cc: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarJiri Kosina <jkosina@suse.cz>
parent 55dba524
...@@ -909,6 +909,7 @@ static int hid_debug_events_open(struct inode *inode, struct file *file) ...@@ -909,6 +909,7 @@ static int hid_debug_events_open(struct inode *inode, struct file *file)
if (!(list->hid_debug_buf = kzalloc(sizeof(char) * HID_DEBUG_BUFSIZE, GFP_KERNEL))) { if (!(list->hid_debug_buf = kzalloc(sizeof(char) * HID_DEBUG_BUFSIZE, GFP_KERNEL))) {
err = -ENOMEM; err = -ENOMEM;
kfree(list);
goto out; goto out;
} }
list->hdev = (struct hid_device *) inode->i_private; list->hdev = (struct hid_device *) inode->i_private;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment