From: Jesper Juhl <jesper.juhl@gmail.com>
Date: Sat, 13 May 2006 23:07:18 +0000 (+0200)
Subject: mtd: fix memory leaks in phram_setup
X-Git-Tag: firefly_0821_release~35482^2~115
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=4f678a58d335291ce9213c049bbe16e6d24487ed;p=firefly-linux-kernel-4.4.55.git

mtd: fix memory leaks in phram_setup

There are two code paths in drivers/mtd/devices/phram.c::phram_setup() that
will leak memory.
Memory is allocated to the variable 'name' with kmalloc() by the
parse_name() function, but if we leave by way of the parse_err() macro,
then that memory is never kfree()'d, nor is it ever used with
register_device() so it won't be freed later either - leak.

Found by the Coverity checker as #593 - simple fix below.

Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
---

diff --git a/drivers/mtd/devices/phram.c b/drivers/mtd/devices/phram.c
index 41af9693d880..68d39cc9df71 100644
--- a/drivers/mtd/devices/phram.c
+++ b/drivers/mtd/devices/phram.c
@@ -266,12 +266,16 @@ static int phram_setup(const char *val, struct kernel_param *kp)
 		return 0;
 
 	ret = parse_num32(&start, token[1]);
-	if (ret)
+	if (ret) {
+		kfree(name);
 		parse_err("illegal start address\n");
+	}
 
 	ret = parse_num32(&len, token[2]);
-	if (ret)
+	if (ret) {
+		kfree(name);
 		parse_err("illegal device length\n");
+	}
 
 	register_device(name, start, len);