Re: [PATCH] thermal/lib: Fix memory leak on error in thermal_genl_auto()

From: Lukasz Luba
Date: Thu Oct 24 2024 - 09:31:56 EST




On 10/24/24 14:18, Rafael J. Wysocki wrote:
On Thu, Oct 24, 2024 at 2:57 PM Daniel Lezcano
<daniel.lezcano@xxxxxxxxxx> wrote:

On 24/10/2024 14:02, Markus Elfring wrote:
The function thermal_genl_auto() does not free the allocated message
in the error path. Fix that by putting a out label and jump to it
which will free the message instead of directly returning an error.

Would you like to add any tags (like “Fixes” and “Cc”) accordingly?
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/process/submitting-patches.rst?h=v6.12-rc4#n145



+++ b/tools/lib/thermal/commands.c
@@ -375,27 +375,30 @@ static thermal_error_t thermal_genl_auto(struct thermal_handler *th, cmd_cb_t cm
struct cmd_param *param,
int cmd, int flags, void *arg)
{
+ thermal_error_t ret = THERMAL_ERROR;
struct nl_msg *msg;
void *hdr;

msg = nlmsg_alloc();
if (!msg)
- return THERMAL_ERROR;
+ goto out;


Is it really reasonable to pass a null pointer (from a failed function call)
to a subsequent nlmsg_free() call?

You are right, I should return here :S

Do you want to respin it?

Alternatively, I can fix it up when applying the patch.

The nlmskg_free() function should handle that similar to kfree().
Under the hood there is a check in skb_unref():
if (unlikely(!skb))

AFAIK the kfree() is used similar way and NULL is part of generic
case sometimes, not handles with extra code.

Up to you. You can keep my review tag in both cases.