[U-Boot] [PATCH 7/8] spi: sandbox: Fix memory leak in sandbox_sf_bind_emul()
Simon Glass
sjg at chromium.org
Tue Jun 12 06:05:13 UTC 2018
Hi Heinrich,
On 10 June 2018 at 05:35, Simon Glass <sjg at chromium.org> wrote:
> Hi Heinrich,
>
> On 9 June 2018 at 11:54, Heinrich Schuchardt <xypron.glpk at gmx.de> wrote:
>> On 06/09/2018 08:22 PM, Simon Glass wrote:
>>> Move the strdup() call so that it is only done when we know we will bind
>>> the device.
>>>
>>> Reported-by: Coverity (CID: 131216)
>>>
>>> Signed-off-by: Simon Glass <sjg at chromium.org>
>>> ---
>>>
>>> drivers/mtd/spi/sandbox.c | 6 +++---
>>> 1 file changed, 3 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/drivers/mtd/spi/sandbox.c b/drivers/mtd/spi/sandbox.c
>>> index 7893efee12..ae29c034b9 100644
>>> --- a/drivers/mtd/spi/sandbox.c
>>> +++ b/drivers/mtd/spi/sandbox.c
>>> @@ -567,14 +567,14 @@ int sandbox_sf_bind_emul(struct sandbox_state *state, int busnum, int cs,
>>> strncpy(name, spec, sizeof(name) - 6);
>>> name[sizeof(name) - 6] = '\0';
>>> strcat(name, "-emul");
>>> - str = strdup(name);
>>> - if (!str)
>>> - return -ENOMEM;
>>> drv = lists_driver_lookup_name("sandbox_sf_emul");
>>> if (!drv) {
>>> puts("Cannot find sandbox_sf_emul driver\n");
>>> return -ENOENT;
>>> }
>>> + str = strdup(name);
>>> + if (!str)
>>> + return -ENOMEM;
>>> ret = device_bind(bus, drv, str, NULL, of_offset, &emul);
>>> if (ret) {
>>> printf("Cannot create emul device for spec '%s' (err=%d)\n",
>>
>> Aren't you leaking str's memory here? I would have expected free(str).
>
> We need that for device_bind() which requires that the name be allocated for it.
OK I see what you mean now. If device_bind() fails it should be safe
to free it, since it is not supposed to leave anything around from its
failure to bind the device.
Regards,
Simon
More information about the U-Boot
mailing list