]> err.no Git - linux-2.6/commitdiff
[IPV4]: Fix memory leak in inet_hashtables.h when NUMA is on
authorPavel Emelyanov <xemul@openvz.org>
Mon, 26 Nov 2007 12:23:31 +0000 (20:23 +0800)
committerHerbert Xu <herbert@gondor.apana.org.au>
Mon, 26 Nov 2007 12:23:31 +0000 (20:23 +0800)
The inet_ehash_locks_alloc() looks like this:

#ifdef CONFIG_NUMA
if (size > PAGE_SIZE)
x = vmalloc(...);
else
#endif
x = kmalloc(...);

Unlike it, the inet_ehash_locks_alloc() looks like this:

#ifdef CONFIG_NUMA
if (size > PAGE_SIZE)
vfree(x);
else
#else
kfree(x);
#endif

The error is obvious - if the NUMA is on and the size
is less than the PAGE_SIZE we leak the pointer (kfree is
inside the #else branch).

Compiler doesn't warn us because after the kfree(x) there's
a "x = NULL" assignment, so here's another (minor?) bug: we
don't set x to NULL under certain circumstances.

Boring explanation, I know... Patch explains it better.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
include/net/inet_hashtables.h

index 469216d936631d3e76a4d92544b7e9f32e5c0706..37f6cb11212723f7f2094a16b6cec92bbe9ef670 100644 (file)
@@ -186,9 +186,8 @@ static inline void inet_ehash_locks_free(struct inet_hashinfo *hashinfo)
                if (size > PAGE_SIZE)
                        vfree(hashinfo->ehash_locks);
                else
-#else
-               kfree(hashinfo->ehash_locks);
 #endif
+               kfree(hashinfo->ehash_locks);
                hashinfo->ehash_locks = NULL;
        }
 }