1. Patchew
  2. linux
  3. View series

[PATCH] media: uvc_v4l2: fix possible memory leak in uvc_ioctl_ctrl_map

Hangyu Hua posted 1 patch 4 years, 2 months ago 
drivers/media/usb/uvc/uvc_v4l2.c | 1 +
1 file changed, 1 insertion(+)
[PATCH] media: uvc_v4l2: fix possible memory leak in uvc_ioctl_ctrl_map
Posted by Hangyu Hua 4 years, 2 months ago 
map->name needs to be freed when uvc_ioctl_ctrl_map fails.

Signed-off-by: Hangyu Hua <hbh25y@gmail.com>
---
 drivers/media/usb/uvc/uvc_v4l2.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/media/usb/uvc/uvc_v4l2.c b/drivers/media/usb/uvc/uvc_v4l2.c
index 711556d13d03..e46a2f3b06cb 100644
--- a/drivers/media/usb/uvc/uvc_v4l2.c
+++ b/drivers/media/usb/uvc/uvc_v4l2.c
@@ -93,6 +93,7 @@ static int uvc_ioctl_ctrl_map(struct uvc_video_chain *chain,
 
 	kfree(map->menu_info);
 free_map:
+	kfree(map->name);
 	kfree(map);
 
 	return ret;
-- 
2.25.1
Re: [PATCH] media: uvc_v4l2: fix possible memory leak in uvc_ioctl_ctrl_map
Posted by Laurent Pinchart 4 years, 2 months ago 
Hi Hangyu,

Thank you for the patch.

On Thu, Mar 24, 2022 at 04:17:18PM +0800, Hangyu Hua wrote:
> map->name needs to be freed when uvc_ioctl_ctrl_map fails.
> 
> Signed-off-by: Hangyu Hua <hbh25y@gmail.com>
> ---
>  drivers/media/usb/uvc/uvc_v4l2.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/drivers/media/usb/uvc/uvc_v4l2.c b/drivers/media/usb/uvc/uvc_v4l2.c
> index 711556d13d03..e46a2f3b06cb 100644
> --- a/drivers/media/usb/uvc/uvc_v4l2.c
> +++ b/drivers/media/usb/uvc/uvc_v4l2.c
> @@ -93,6 +93,7 @@ static int uvc_ioctl_ctrl_map(struct uvc_video_chain *chain,
>  
>  	kfree(map->menu_info);
>  free_map:
> +	kfree(map->name);

The memory is actually freed in uvc_ctrl_cleanup_mappings() in the
non-error case. I think we could improve this by avoiding the kmemdup()
in this function, and duplicating the name in __uvc_ctrl_add_mapping()
instead. What do you think ?

>  	kfree(map);
>  
>  	return ret;

-- 
Regards,

Laurent Pinchart
Re: [PATCH] media: uvc_v4l2: fix possible memory leak in uvc_ioctl_ctrl_map
Posted by Ricardo Ribalda 4 years, 2 months ago 
Isnt it a dupe of:
https://patchwork.linuxtv.org/project/linux-media/patch/20211008120914.69175-1-ribalda@chromium.org/
?

On Thu, 24 Mar 2022 at 18:13, Hangyu Hua <hbh25y@gmail.com> wrote:
>
> map->name needs to be freed when uvc_ioctl_ctrl_map fails.
>
> Signed-off-by: Hangyu Hua <hbh25y@gmail.com>
> ---
>  drivers/media/usb/uvc/uvc_v4l2.c | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/drivers/media/usb/uvc/uvc_v4l2.c b/drivers/media/usb/uvc/uvc_v4l2.c
> index 711556d13d03..e46a2f3b06cb 100644
> --- a/drivers/media/usb/uvc/uvc_v4l2.c
> +++ b/drivers/media/usb/uvc/uvc_v4l2.c
> @@ -93,6 +93,7 @@ static int uvc_ioctl_ctrl_map(struct uvc_video_chain *chain,
>
>         kfree(map->menu_info);
>  free_map:
> +       kfree(map->name);
>         kfree(map);
>
>         return ret;
> --
> 2.25.1
>


-- 
Ricardo Ribalda
Re: [PATCH] media: uvc_v4l2: fix possible memory leak in uvc_ioctl_ctrl_map
Posted by Laurent Pinchart 4 years, 2 months ago 
On Thu, Mar 24, 2022 at 06:17:18PM +0100, Ricardo Ribalda wrote:
> Isnt it a dupe of:
> https://patchwork.linuxtv.org/project/linux-media/patch/20211008120914.69175-1-ribalda@chromium.org/
> ?

It is. I'll review that one.

> On Thu, 24 Mar 2022 at 18:13, Hangyu Hua <hbh25y@gmail.com> wrote:
> >
> > map->name needs to be freed when uvc_ioctl_ctrl_map fails.
> >
> > Signed-off-by: Hangyu Hua <hbh25y@gmail.com>
> > ---
> >  drivers/media/usb/uvc/uvc_v4l2.c | 1 +
> >  1 file changed, 1 insertion(+)
> >
> > diff --git a/drivers/media/usb/uvc/uvc_v4l2.c b/drivers/media/usb/uvc/uvc_v4l2.c
> > index 711556d13d03..e46a2f3b06cb 100644
> > --- a/drivers/media/usb/uvc/uvc_v4l2.c
> > +++ b/drivers/media/usb/uvc/uvc_v4l2.c
> > @@ -93,6 +93,7 @@ static int uvc_ioctl_ctrl_map(struct uvc_video_chain *chain,
> >
> >         kfree(map->menu_info);
> >  free_map:
> > +       kfree(map->name);
> >         kfree(map);
> >
> >         return ret;

-- 
Regards,

Laurent Pinchart

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.