From: Wenwen Wang Date: Fri, 16 Aug 2019 05:08:27 +0000 (-0500) Subject: ACPI: custom_method: fix memory leaks X-Git-Tag: Ubuntu-5.3.0-20.21~591 X-Git-Url: https://git.proxmox.com/?a=commitdiff_plain;h=2aa32cc5fd500ec3342238485ca93757edef248f;p=mirror_ubuntu-eoan-kernel.git ACPI: custom_method: fix memory leaks BugLink: https://bugs.launchpad.net/bugs/1848046 [ Upstream commit 03d1571d9513369c17e6848476763ebbd10ec2cb ] In cm_write(), 'buf' is allocated through kzalloc(). In the following execution, if an error occurs, 'buf' is not deallocated, leading to memory leaks. To fix this issue, free 'buf' before returning the error. Fixes: 526b4af47f44 ("ACPI: Split out custom_method functionality into an own driver") Signed-off-by: Wenwen Wang Signed-off-by: Rafael J. Wysocki Signed-off-by: Sasha Levin Signed-off-by: Paolo Pisati Signed-off-by: Kleber Sacilotto de Souza --- diff --git a/drivers/acpi/custom_method.c b/drivers/acpi/custom_method.c index 33b821be0600..bb6ad921742c 100644 --- a/drivers/acpi/custom_method.c +++ b/drivers/acpi/custom_method.c @@ -52,8 +52,10 @@ static ssize_t cm_write(struct file *file, const char __user * user_buf, if ((*ppos > max_size) || (*ppos + count > max_size) || (*ppos + count < count) || - (count > uncopied_bytes)) + (count > uncopied_bytes)) { + kfree(buf); return -EINVAL; + } if (copy_from_user(buf + (*ppos), user_buf, count)) { kfree(buf); @@ -73,6 +75,7 @@ static ssize_t cm_write(struct file *file, const char __user * user_buf, add_taint(TAINT_OVERRIDDEN_ACPI_TABLE, LOCKDEP_NOW_UNRELIABLE); } + kfree(buf); return count; }