[PATCH] firmware: edd: fix possible memory leak in edd_device_register()

From: Yang Yingliang
Date: Thu Oct 20 2022 - 04:02:25 EST


When injecting faults while loading the module, kobject_init_and_add() may
fail in edd_device_register(). If it fails, kobject_put() needs to be called
to properly clean up the memory associated with the object, or the
name of the kobject is leaked.

unreferenced object 0xffff8e7d40d15820 (size 16):
comm "swapper/0", pid 1, jiffies 4294669397 (age 47.978s)
hex dump (first 16 bytes):
69 6e 74 31 33 5f 64 65 76 38 30 00 7d 8e ff ff int13_dev80.}...
backtrace:
[<000000009c36832f>] __kmem_cache_alloc_node+0x1e9/0x360
[<00000000c952bd6c>] __kmalloc_node_track_caller+0x44/0x1a0
[<000000007573fbea>] kvasprintf+0x67/0xd0
[<00000000b2800ea6>] kobject_set_name_vargs+0x1e/0x90
[<000000002d7bc789>] kobject_init_and_add+0x5d/0xa0
[<000000002569fea1>] edd_init+0x170/0x2ad

Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Yang Yingliang <yangyingliang@xxxxxxxxxx>
---
drivers/firmware/edd.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/firmware/edd.c b/drivers/firmware/edd.c
index 5cc238916551..ae39119ea403 100644
--- a/drivers/firmware/edd.c
+++ b/drivers/firmware/edd.c
@@ -708,6 +708,8 @@ edd_device_register(struct edd_device *edev, int i)
if (!error) {
edd_populate_dir(edev);
kobject_uevent(&edev->kobj, KOBJ_ADD);
+ } else {
+ kobject_put(&edev->kobj);
}
return error;
}
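Review bot: the new else branch in edd_device_register() changes who owns edev on failure, and nothing at the function documents it. kobject_put() drops the last reference, so the kobject's release callback runs here; judging by the kfree(edev) removed from edd_init() in the next hunk, that callback is expected to free edev. Add a comment above edd_device_register() saying the caller must not use or free edev after a non-zero return. An early-exit form, `if (error) { kobject_put(&edev->kobj); return error; }`, would also keep the error path separate from the success path.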
@@ -747,10 +749,8 @@ edd_init(void)
}

rc = edd_device_register(edev, i);
- if (rc) {
- kfree(edev);
+ if (rc)
goto out;
- }
edd_devices[i] = edev;
}

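Review bot: after `if (rc) goto out;` in edd_init(), edev may no longer be valid, because the failed edd_device_register() has already released it through kobject_put(), and the code at the out label is not shown in this hunk. Confirm that nothing reached from out dereferences or frees edev. Also confirm that the release callback of this kobject's ktype frees the edd_device; if it does not, removing the kfree(edev) trades the name leak for a leak of the whole structure.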
--
2.25.1