| Message ID | 20230924065013.1081471-1-visitorckw@gmail.com |
|---|---|
| State | New |
| Headers | show |
| Series | tools/thermal: fix memory leak in realloc failure handling | expand |
Hi Kuan-Wei, On 24/09/2023 08:50, Kuan-Wei Chiu wrote: > In the previous code, there was a memory leak issue where the > previously allocated memory was not freed upon a failed realloc > operation. This patch addresses the problem by releasing the old memory > before setting the pointer to NULL in case of a realloc failure. This > ensures that memory is properly managed and avoids potential memory > leaks. Thanks for reporting the issue and proposing the fix. The description is not accurate actually, neither the fix. What is happening is we are losing the pointer information as the 'mds' variable is a global variable. So the assignation will overwrite the current pointer if it fails. That leads to a NULL pointer dereference in the mainloop_del. Looking closer to the code, it seems 'mds' is not used as the stored information is not accessed. For my understanding, we can just remove the: static struct mainloop_data **mds and static unsigned short nrhandler; along with the associated code > Signed-off-by: Kuan-Wei Chiu <visitorckw@gmail.com> > --- > tools/thermal/lib/mainloop.c | 8 ++++++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > > diff --git a/tools/thermal/lib/mainloop.c b/tools/thermal/lib/mainloop.c > index 94cbbcbd1c14..6dcc4090d47e 100644 > --- a/tools/thermal/lib/mainloop.c > +++ b/tools/thermal/lib/mainloop.c > @@ -62,9 +62,13 @@ int mainloop_add(int fd, mainloop_callback_t cb, void *data) > struct mainloop_data *md; > > if (fd >= nrhandler) { > - mds = realloc(mds, sizeof(*mds) * (fd + 1)); > - if (!mds) > + struct mainloop_data **mds_tmp = > + realloc(mds, sizeof(*mds) * (fd + 1)); > + if (!mds_tmp) { > + free(mds); > return -1; > + } > + mds = mds_tmp; > nrhandler = fd + 1; > } >
diff --git a/tools/thermal/lib/mainloop.c b/tools/thermal/lib/mainloop.c index 94cbbcbd1c14..6dcc4090d47e 100644 --- a/tools/thermal/lib/mainloop.c +++ b/tools/thermal/lib/mainloop.c @@ -62,9 +62,13 @@ int mainloop_add(int fd, mainloop_callback_t cb, void *data) struct mainloop_data *md; if (fd >= nrhandler) { - mds = realloc(mds, sizeof(*mds) * (fd + 1)); - if (!mds) + struct mainloop_data **mds_tmp = + realloc(mds, sizeof(*mds) * (fd + 1)); + if (!mds_tmp) { + free(mds); return -1; + } + mds = mds_tmp; nrhandler = fd + 1; }
In the previous code, there was a memory leak issue where the previously allocated memory was not freed upon a failed realloc operation. This patch addresses the problem by releasing the old memory before setting the pointer to NULL in case of a realloc failure. This ensures that memory is properly managed and avoids potential memory leaks. Signed-off-by: Kuan-Wei Chiu <visitorckw@gmail.com> --- tools/thermal/lib/mainloop.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-)