On 05/19/16 20:50, Ravi Pokala wrote:
> -----Original Message-----
> From: <owner-src-committ...@freebsd.org> on behalf of "Jason A. Harmening" 
> <j...@freebsd.org>
> Date: 2016-05-19, Thursday at 20:03
> To: <src-committ...@freebsd.org>, <svn-src-all@freebsd.org>, 
> <svn-src-h...@freebsd.org>
> Subject: svn commit: r300258 - head/sys/dev/iicbus
> 
>> Author: jah
>> Date: Fri May 20 03:03:04 2016
>> New Revision: 300258
>> URL: https://svnweb.freebsd.org/changeset/base/300258
>>
>> Log:
>>  iic_rdwr_data->nmsgs is uint32_t, so limit the allowable number of messages 
>> to prevent memory exhaustion and short allocations on 32-bit systems. Since 
>> iicrdwr is intended to be a workalike of a Linux i2c-dev call, use the same 
>> limit of 42 that Linux uses.
>>  
>>  Also check the return value of copyin(9) to prevent unnecessary allocation 
>> in the failure case.
>>  
>>  ...
>>  
>>      error = copyin(d->msgs, buf, sizeof(*d->msgs) * d->nmsgs);
>> +    if (error != 0) {
>> +            free(buf, M_IIC);
>> +            return (error);
>> +    }
>>
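Review bot: the length given to copyin() in the context line, sizeof(*d->msgs) * d->nmsgs, is built from the caller-supplied nmsgs, so the new error branch only helps if the nmsgs limit described in the log is enforced before buf is allocated with that same product; that check is not visible in this excerpt, so confirm it sits ahead of the allocation. The free(buf, M_IIC) before return (error) is correct for this early exit, and a one-line comment saying that buf is the only allocation live at this point would keep a later edit from adding a second allocation above it without updating the cleanup.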
> 
> Hi Jason,
> 
> If I’m reading that right, it’s not preventing any allocations, but it is 
> preventing a leak. Is that correct?
> 
> Thanks,
> 
> Ravi (rpokala@)
> 
> 

Hi Ravi,

There shouldn't be a leak in here, but checking the result prevents
falling through the rest of the function, including the unnecessary
malloc of usrbufs right after this.  It also makes the error handling
clearer.

Thanks,
Jason
