diff options
author | Jesper Juhl <jj@chaosbits.net> | 2012-10-22 18:53:58 -0400 |
---|---|---|
committer | Rafael J. Wysocki <rafael.j.wysocki@intel.com> | 2012-10-22 18:53:58 -0400 |
commit | 2978af545b9a1ed221e23fb24ae4559bec6ad70d (patch) | |
tree | cc17169af9d7c96976b274afb74bd7602aba5074 | |
parent | 6f0c0580b70c89094b3422ba81118c7b959c7556 (diff) |
ACPI: Fix memory leak in acpi_bind_one()
Memory is allocated with kzalloc() and assigned to
'physical_node'. Then 'physical_node->node_id' is initialized with a
call to 'find_first_zero_bit()', if that results in a value greater
than ACPI_MAX_PHYSICAL_NODE we'll end up jumping to the 'err:' label
and there leave the function and let 'physical_node' go out of scope
and leak the memory we allocated.
This patch fixes the leak by simply freeing the unused/unneeded memory
pointed to by 'physical_node' just before we jump to 'err:'.
[rjw: The problem has been introduced by commit 1033f90 (ACPI: Allow
ACPI binding with USB-3.0 hub), which is new in 3.7-rc.]
Signed-off-by: Jesper Juhl <jj@chaosbits.net>
Reviewed-by: Toshi Kani <toshi.kani@hp.com>
Reviewed-by: Yasuaki Ishimatsu <isimatu.yasuaki@jp.fujitsu.com>
Acked-by: David Rientjes <rientjes@google.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
-rw-r--r-- | drivers/acpi/glue.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/drivers/acpi/glue.c b/drivers/acpi/glue.c index d1a2d74033e9..08373086cd7e 100644 --- a/drivers/acpi/glue.c +++ b/drivers/acpi/glue.c | |||
@@ -159,6 +159,7 @@ static int acpi_bind_one(struct device *dev, acpi_handle handle) | |||
159 | if (physical_node->node_id >= ACPI_MAX_PHYSICAL_NODE) { | 159 | if (physical_node->node_id >= ACPI_MAX_PHYSICAL_NODE) { |
160 | retval = -ENOSPC; | 160 | retval = -ENOSPC; |
161 | mutex_unlock(&acpi_dev->physical_node_lock); | 161 | mutex_unlock(&acpi_dev->physical_node_lock); |
162 | kfree(physical_node); | ||
162 | goto err; | 163 | goto err; |
163 | } | 164 | } |
164 | 165 | ||