| Message ID | 2ddd10ec9e009bbb85518355f1e09e1ecd349925.1685340968.git.christophe.jaillet@wanadoo.fr (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() | expand |
Hi Christophe, On Mon, May 29, 2023 at 08:17:18AM +0200, Christophe JAILLET wrote: > 'fwnode is known to be NULL, at this point, so fwnode_handle_put() is a > no-op. > > Release the reference taken from a previous fwnode_graph_get_port_parent() > call instead. > > Fixes: ca50c197bd96 ("[media] v4l: fwnode: Support generic fwnode for parsing standardised properties") > Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> > --- > /!\ THIS PATCH IS SPECULATIVE /!\ > review with care > --- > drivers/media/v4l2-core/v4l2-fwnode.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/media/v4l2-core/v4l2-fwnode.c b/drivers/media/v4l2-core/v4l2-fwnode.c > index 049c2f2001ea..b7dd467c53fd 100644 > --- a/drivers/media/v4l2-core/v4l2-fwnode.c > +++ b/drivers/media/v4l2-core/v4l2-fwnode.c > @@ -571,7 +571,7 @@ int v4l2_fwnode_parse_link(struct fwnode_handle *fwnode, > > fwnode = fwnode_graph_get_remote_endpoint(fwnode); > if (!fwnode) { > - fwnode_handle_put(fwnode); > + fwnode_handle_put(link->local_node); link->local_node also needs to be non-NULL for the successful case. The condition should take that into account. Could you send v2 with that? > return -ENOLINK; > } >
Le 13/06/2023 à 12:55, Sakari Ailus a écrit : > Hi Christophe, > > On Mon, May 29, 2023 at 08:17:18AM +0200, Christophe JAILLET wrote: >> 'fwnode is known to be NULL, at this point, so fwnode_handle_put() is a >> no-op. >> >> Release the reference taken from a previous fwnode_graph_get_port_parent() >> call instead. >> >> Fixes: ca50c197bd96 ("[media] v4l: fwnode: Support generic fwnode for parsing standardised properties") >> Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> >> --- >> /!\ THIS PATCH IS SPECULATIVE /!\ >> review with care >> --- >> drivers/media/v4l2-core/v4l2-fwnode.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/drivers/media/v4l2-core/v4l2-fwnode.c b/drivers/media/v4l2-core/v4l2-fwnode.c >> index 049c2f2001ea..b7dd467c53fd 100644 >> --- a/drivers/media/v4l2-core/v4l2-fwnode.c >> +++ b/drivers/media/v4l2-core/v4l2-fwnode.c >> @@ -571,7 +571,7 @@ int v4l2_fwnode_parse_link(struct fwnode_handle *fwnode, >> >> fwnode = fwnode_graph_get_remote_endpoint(fwnode); >> if (!fwnode) { >> - fwnode_handle_put(fwnode); >> + fwnode_handle_put(link->local_node); > > link->local_node also needs to be non-NULL for the successful case. The > condition should take that into account. Could you send v2 with that? > >> return -ENOLINK; >> } >> > Hi, something like below? @@ -568,19 +568,25 @@ int v4l2_fwnode_parse_link(struct fwnode_handle *fwnode, link->local_id = fwep.id; link->local_port = fwep.port; link->local_node = fwnode_graph_get_port_parent(fwnode); + if (!link->local_node) + return -ENOLINK; fwnode = fwnode_graph_get_remote_endpoint(fwnode); - if (!fwnode) { - fwnode_handle_put(fwnode); - return -ENOLINK; - } + if (!fwnode) + goto err_put_local_node; fwnode_graph_parse_endpoint(fwnode, &fwep); link->remote_id = fwep.id; link->remote_port = fwep.port; link->remote_node = fwnode_graph_get_port_parent(fwnode); + if (!link->remote_node) + goto err_put_local_node; return 0; + +err_put_local_node: + fwnode_handle_put(link->local_node); + return -ENOLINK; } EXPORT_SYMBOL_GPL(v4l2_fwnode_parse_link); CJ
Hi Christophe, On Tue, Jun 13, 2023 at 07:15:40PM +0200, Christophe JAILLET wrote: > Le 13/06/2023 à 12:55, Sakari Ailus a écrit : > > Hi Christophe, > > > > On Mon, May 29, 2023 at 08:17:18AM +0200, Christophe JAILLET wrote: > > > 'fwnode is known to be NULL, at this point, so fwnode_handle_put() is a > > > no-op. > > > > > > Release the reference taken from a previous fwnode_graph_get_port_parent() > > > call instead. > > > > > > Fixes: ca50c197bd96 ("[media] v4l: fwnode: Support generic fwnode for parsing standardised properties") > > > Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> > > > --- > > > /!\ THIS PATCH IS SPECULATIVE /!\ > > > review with care > > > --- > > > drivers/media/v4l2-core/v4l2-fwnode.c | 2 +- > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > diff --git a/drivers/media/v4l2-core/v4l2-fwnode.c b/drivers/media/v4l2-core/v4l2-fwnode.c > > > index 049c2f2001ea..b7dd467c53fd 100644 > > > --- a/drivers/media/v4l2-core/v4l2-fwnode.c > > > +++ b/drivers/media/v4l2-core/v4l2-fwnode.c > > > @@ -571,7 +571,7 @@ int v4l2_fwnode_parse_link(struct fwnode_handle *fwnode, > > > fwnode = fwnode_graph_get_remote_endpoint(fwnode); > > > if (!fwnode) { > > > - fwnode_handle_put(fwnode); > > > + fwnode_handle_put(link->local_node); > > > > link->local_node also needs to be non-NULL for the successful case. The > > condition should take that into account. Could you send v2 with that? > > > > > return -ENOLINK; > > > } > > > > Hi, > something like below? Ah, remote_node must be non-NULL, too, indeed. It was surprisingly broken. > > @@ -568,19 +568,25 @@ int v4l2_fwnode_parse_link(struct fwnode_handle > *fwnode, > link->local_id = fwep.id; > link->local_port = fwep.port; > link->local_node = fwnode_graph_get_port_parent(fwnode); > + if (!link->local_node) > + return -ENOLINK; > > fwnode = fwnode_graph_get_remote_endpoint(fwnode); > - if (!fwnode) { > - fwnode_handle_put(fwnode); > - return -ENOLINK; > - } > + if (!fwnode) > + goto err_put_local_node; On error, fwnode needs to be put from this onwards, too. But you can use a single label: fwnode_handle_put() is NULL-safe. > > fwnode_graph_parse_endpoint(fwnode, &fwep); > link->remote_id = fwep.id; > link->remote_port = fwep.port; > link->remote_node = fwnode_graph_get_port_parent(fwnode); > + if (!link->remote_node) > + goto err_put_local_node; > > return 0; > + > +err_put_local_node: > + fwnode_handle_put(link->local_node); > + return -ENOLINK; > } > EXPORT_SYMBOL_GPL(v4l2_fwnode_parse_link);
diff --git a/drivers/media/v4l2-core/v4l2-fwnode.c b/drivers/media/v4l2-core/v4l2-fwnode.c index 049c2f2001ea..b7dd467c53fd 100644 --- a/drivers/media/v4l2-core/v4l2-fwnode.c +++ b/drivers/media/v4l2-core/v4l2-fwnode.c @@ -571,7 +571,7 @@ int v4l2_fwnode_parse_link(struct fwnode_handle *fwnode, fwnode = fwnode_graph_get_remote_endpoint(fwnode); if (!fwnode) { - fwnode_handle_put(fwnode); + fwnode_handle_put(link->local_node); return -ENOLINK; }
'fwnode is known to be NULL, at this point, so fwnode_handle_put() is a no-op. Release the reference taken from a previous fwnode_graph_get_port_parent() call instead. Fixes: ca50c197bd96 ("[media] v4l: fwnode: Support generic fwnode for parsing standardised properties") Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> --- /!\ THIS PATCH IS SPECULATIVE /!\ review with care --- drivers/media/v4l2-core/v4l2-fwnode.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)