diff options
author | Ralf Baechle <ralf@linux-mips.org> | 2012-08-08 08:57:03 -0400 |
---|---|---|
committer | Ralf Baechle <ralf@linux-mips.org> | 2012-08-17 04:57:27 -0400 |
commit | d3cac35cd0a2a987f7559e1829fb0253cea33872 (patch) | |
tree | ae27d06c44b3d36c7cb4b1b5373c569ef535369f /arch/mips/kernel/module.c | |
parent | 143ec74eb10ac9a8c4357341a03b07ac4f04a761 (diff) |
MIPS: Fix memory leak in error path of HI16/LO16 relocation handling.
Commit 6f5d2e970452b5c86906adcb8e7ad246f535ba39 (lmo) /
477c4b07406357ad93d0e32788dbf3ee814eadaa (kernel.org) [[MIPS: VPE: Free
relocation chain on error.] fixed the same issue in the vpe loader in 2009
but back then the same bug in module.c went unfixed.
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Reported-by: Akhilesh Kumar <akhilesh.lxr@gmail.com>
Diffstat (limited to 'arch/mips/kernel/module.c')
-rw-r--r-- | arch/mips/kernel/module.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/arch/mips/kernel/module.c b/arch/mips/kernel/module.c index a5066b1c3de3..e5f2f56524ea 100644 --- a/arch/mips/kernel/module.c +++ b/arch/mips/kernel/module.c | |||
@@ -146,16 +146,15 @@ static int apply_r_mips_lo16_rel(struct module *me, u32 *location, Elf_Addr v) | |||
146 | { | 146 | { |
147 | unsigned long insnlo = *location; | 147 | unsigned long insnlo = *location; |
148 | Elf_Addr val, vallo; | 148 | Elf_Addr val, vallo; |
149 | struct mips_hi16 *l, *next; | ||
149 | 150 | ||
150 | /* Sign extend the addend we extract from the lo insn. */ | 151 | /* Sign extend the addend we extract from the lo insn. */ |
151 | vallo = ((insnlo & 0xffff) ^ 0x8000) - 0x8000; | 152 | vallo = ((insnlo & 0xffff) ^ 0x8000) - 0x8000; |
152 | 153 | ||
153 | if (mips_hi16_list != NULL) { | 154 | if (mips_hi16_list != NULL) { |
154 | struct mips_hi16 *l; | ||
155 | 155 | ||
156 | l = mips_hi16_list; | 156 | l = mips_hi16_list; |
157 | while (l != NULL) { | 157 | while (l != NULL) { |
158 | struct mips_hi16 *next; | ||
159 | unsigned long insn; | 158 | unsigned long insn; |
160 | 159 | ||
161 | /* | 160 | /* |
@@ -201,6 +200,12 @@ static int apply_r_mips_lo16_rel(struct module *me, u32 *location, Elf_Addr v) | |||
201 | return 0; | 200 | return 0; |
202 | 201 | ||
203 | out_danger: | 202 | out_danger: |
203 | while (l) { | ||
204 | next = l->next; | ||
205 | kfree(l); | ||
206 | l = next; | ||
207 | } | ||
208 | |||
204 | pr_err("module %s: dangerous R_MIPS_LO16 REL relocation\n", me->name); | 209 | pr_err("module %s: dangerous R_MIPS_LO16 REL relocation\n", me->name); |
205 | 210 | ||
206 | return -ENOEXEC; | 211 | return -ENOEXEC; |