| Message ID | tencent_3C5078D216712F6F21FC8792FADED59A3D09@qq.com |
|---|---|
| State | New |
| Headers | show |
| Series | scsi: qedf: Fix a possible memory leak in qedf_prepare_sb() | expand |
diff --git a/drivers/scsi/qedf/qedf_main.c b/drivers/scsi/qedf/qedf_main.c index 6b1ebab36fa3..8767d9de819f 100644 --- a/drivers/scsi/qedf/qedf_main.c +++ b/drivers/scsi/qedf/qedf_main.c @@ -2809,7 +2809,17 @@ static int qedf_prepare_sb(struct qedf_ctx *qedf) sizeof(struct fcoe_cqe); } err: - return 0; +for (int i = 0; i < id; i++) { + fp = &qedf->fp_array[i]; +if (fp->sb_info) { + qedf_free_sb(qedf, fp->sb_info); +kfree(fp->sb_info); +fp->sb_info = NULL; +} +} +kfree(qedf->fp_array); +qedf->fp_array = NULL; +return -ENOMEM; } void qedf_process_cqe(struct qedf_ctx *qedf, struct fcoe_cqe *cqe)
A memory leak vulnerability found in linux/drivers/scsi/qedf/qedf_main.c , qedf_prepare_sb Function Due to Missing Resource Cleanup in Error Path. The qedf_prepare_sb function allocates resources in a loop for multiple queues. If an allocation fails mid-loop (e.g., kcalloc for fp->sb_info or qedf_alloc_and_init_sb fails), the error path (goto err) returns without freeing resources allocated in previous iterations Signed-off-by: jackysliu <1972843537@qq.com> --- drivers/scsi/qedf/qedf_main.c | 12 +++++++++++- 1 files changed, 11 insertions(+), 1 deletions(-)