Re: drivers/edac/ move a kfree() to after last use

From: Borislav Petkov
Date: Mon Dec 21 2009 - 10:18:24 EST

Next message: Alexander Strakh: "[PATCH] 3c507.c: remove unused NULL pointer check"
Previous message: OGAWA Hirofumi: "Re: utimensat fails to update ctime"
In reply to: Darren Jenkins: "drivers/edac/ move a kfree() to after last use"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Dec 21, 2009 at 03:38:26PM +1100, Darren Jenkins wrote:
>
> Move a kfree() below the last use of the memory
>
> Coverity CID: 13142
>
> Signed-off-by: Darren Jenkins <darrenrjenkins@xxxxxxxxx>

Thanks for catching that. Here's a better version that does all the
freeing at the end of the function.

--
From: Borislav Petkov <borislav.petkov@xxxxxxx>
Date: Mon, 21 Dec 2009 15:15:59 +0100
Subject: [PATCH] amd64_edac: fix driver instance freeing

Fix use-after-free errors by pushing all memory-freeing calls to the end
of amd64_remove_one_instance().

Reported-by: Darren Jenkins <darrenrjenkins@xxxxxxxxx>
Signed-off-by: Borislav Petkov <borislav.petkov@xxxxxxx>
---
drivers/edac/amd64_edac.c | 9 ++++-----
1 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/drivers/edac/amd64_edac.c b/drivers/edac/amd64_edac.c
index 784cc5a..fb0d36b 100644
--- a/drivers/edac/amd64_edac.c
+++ b/drivers/edac/amd64_edac.c
@@ -2929,16 +2929,15 @@ static void __devexit amd64_remove_one_instance(struct pci_dev *pdev)

amd64_free_mc_sibling_devices(pvt);

- kfree(pvt);
- mci->pvt_info = NULL;
-
- mci_lookup[pvt->mc_node_id] = NULL;
-
/* unregister from EDAC MCE */
amd_report_gart_errors(false);
amd_unregister_ecc_decoder(amd64_decode_bus_error);

/* Free the EDAC CORE resources */
+ mci->pvt_info = NULL;
+ mci_lookup[pvt->mc_node_id] = NULL;
+
+ kfree(pvt);
edac_mc_free(mci);
}

--
1.6.5.4

--
Regards/Gruss,
Boris.

Operating | Advanced Micro Devices GmbH
System | Karl-Hammerschmidt-Str. 34, 85609 Dornach b. München, Germany
Research | Geschäftsführer: Andrew Bowd, Thomas M. McCoy, Giuliano Meroni
Center | Sitz: Dornach, Gemeinde Aschheim, Landkreis München
(OSRC) | Registergericht München, HRB Nr. 43632

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alexander Strakh: "[PATCH] 3c507.c: remove unused NULL pointer check"
Previous message: OGAWA Hirofumi: "Re: utimensat fails to update ctime"
In reply to: Darren Jenkins: "drivers/edac/ move a kfree() to after last use"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]