1. Patchew
  2. linux
  3. View series

[PATCH net v2] qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd()

Abdun Nihaal posted 1 patch 7 months, 1 week ago 
drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
[PATCH net v2] qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd()
Posted by Abdun Nihaal 7 months, 1 week ago 
In one of the error paths in qlcnic_sriov_channel_cfg_cmd(), the memory
allocated in qlcnic_sriov_alloc_bc_mbx_args() for mailbox arguments is
not freed. Fix that by jumping to the error path that frees them, by
calling qlcnic_free_mbx_args(). This was found using static analysis.

Fixes: f197a7aa6288 ("qlcnic: VF-PF communication channel implementation")
Signed-off-by: Abdun Nihaal <abdun.nihaal@gmail.com>
---
This patch is only compile tested. Not tested on real hardware.

V1->V2 : Added information about how the bug was found and how the 
patch was tested, as suggested by Simon Horman.

 drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c
index 28d24d59efb8..d57b976b9040 100644
--- a/drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c
+++ b/drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c
@@ -1484,8 +1484,11 @@ static int qlcnic_sriov_channel_cfg_cmd(struct qlcnic_adapter *adapter, u8 cmd_o
 	}
 
 	cmd_op = (cmd.rsp.arg[0] & 0xff);
-	if (cmd.rsp.arg[0] >> 25 == 2)
-		return 2;
+	if (cmd.rsp.arg[0] >> 25 == 2) {
+		ret = 2;
+		goto out;
+	}
+
 	if (cmd_op == QLCNIC_BC_CMD_CHANNEL_INIT)
 		set_bit(QLC_BC_VF_STATE, &vf->state);
 	else
-- 
2.47.2
Re: [PATCH net v2] qlcnic: fix memory leak in qlcnic_sriov_channel_cfg_cmd()
Posted by Simon Horman 7 months, 1 week ago 
On Mon, May 12, 2025 at 10:18:27AM +0530, Abdun Nihaal wrote:
> In one of the error paths in qlcnic_sriov_channel_cfg_cmd(), the memory
> allocated in qlcnic_sriov_alloc_bc_mbx_args() for mailbox arguments is
> not freed. Fix that by jumping to the error path that frees them, by
> calling qlcnic_free_mbx_args(). This was found using static analysis.
> 
> Fixes: f197a7aa6288 ("qlcnic: VF-PF communication channel implementation")
> Signed-off-by: Abdun Nihaal <abdun.nihaal@gmail.com>
> ---
> This patch is only compile tested. Not tested on real hardware.
> 
> V1->V2 : Added information about how the bug was found and how the 
> patch was tested, as suggested by Simon Horman.
> 
>  drivers/net/ethernet/qlogic/qlcnic/qlcnic_sriov_common.c | 7 +++++--
>  1 file changed, 5 insertions(+), 2 deletions(-)

Thanks for the update.

Reviewed-by: Simon Horman <horms@kernel.org>

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.