Re: [PATCH] drivers/net/wimax/i2400m/fw.c fix possible double free

From: Darren Jenkins
Date: Thu Mar 18 2010 - 04:47:08 EST

Next message: Zachary Amsden: "Re: [PATCH] Enhance perf to collect KVM guest os statistics fromhost side"
Previous message: Jes Sorensen: "Re: [RFC] Unify KVM kernel-space and user-space code into a singleproject"
In reply to: Inaky Perez-Gonzalez: "Re: [PATCH] drivers/net/wimax/i2400m/fw.c fix possible double free"
Next in thread: David Miller: "Re: [PATCH] drivers/net/wimax/i2400m/fw.c fix possible double free"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Mar 18, 2010 at 9:10 AM, Inaky Perez-Gonzalez
<inaky.perez-gonzalez@xxxxxxxxx> wrote:

> If krealloc() fails to aallocate a new pointer, the old block is
> unmodified, so by doing this you are leaking a buffer allocation.

It seems you are right.
So now understanding correctly how krealloc() works I can see that the
double kfree() can only actually happen if the el_size parameter to
i2400m_zrealloc_2x() is zero, and it isn't at the two call sites.

So this was a false positive and I am sorry for the noise.

Darren J.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Zachary Amsden: "Re: [PATCH] Enhance perf to collect KVM guest os statistics fromhost side"
Previous message: Jes Sorensen: "Re: [RFC] Unify KVM kernel-space and user-space code into a singleproject"
In reply to: Inaky Perez-Gonzalez: "Re: [PATCH] drivers/net/wimax/i2400m/fw.c fix possible double free"
Next in thread: David Miller: "Re: [PATCH] drivers/net/wimax/i2400m/fw.c fix possible double free"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]