linux/drivers/block
Jesper Juhl 07fb75a506 [SCSI] fix (unlikely) memory leak in DAC960 driver
The Coverity checker found a memory leak (bug nr. 1245) in
 drivers/block/DAC960.c::DAC960_V2_ProcessCompletedCommand()

The leak is pretty unlikely since it requires that the first of two
successive kmalloc() calls fail while the second one succeeds. But it can
still happen even if it's unlikely.

If the first call that allocates 'PhysicalDeviceInfo' fails but the one
that allocates 'InquiryUnitSerialNumber' succeeds, then we will leak the
memory allocated to 'InquiryUnitSerialNumber' when the variable goes out
of scope.

A simple fix for this is to change the existing code that frees
'PhysicalDeviceInfo' if that one was allocated but
'InquiryUnitSerialNumber' was not, into a check for either pointer
being NULL and if so just free both. This is safe since kfree() can
deal with being passed a NULL pointer and it avoids the leak.

While I was there I also removed the casts of the kmalloc() return
value since it's pointless.
I also updated the driver version since this patch changes the workings of
the code (however slightly).

This issue could probably be fixed a lot more elegantly, but the code
is a big mess IMHO and I just took the least intrusive route to a fix
that I could find instead of starting on a cleanup as well (that can
come later).

Please consider for inclusion.

Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
Signed-off-by: James Bottomley <James.Bottomley@SteelEye.com>
2006-05-20 09:23:23 -05:00
..
aoe [PATCH] mempool: use mempool_create_slab_pool() 2006-03-26 08:57:00 -08:00
paride [PATCH] drivers/block/paride/pd.c: fix an off-by-one error 2006-03-28 09:16:03 -08:00
acsi_slm.c [PATCH] drivers/block/acsi_slm.c: size_t can't be < 0 2006-03-28 09:16:03 -08:00
acsi.c [PATCH] Add block_device_operations.getgeo block device method 2006-01-08 20:13:54 -08:00
amiflop.c [PATCH] Don't pass boot parameters to argv_init[] 2006-03-31 12:18:53 -08:00
ataflop.c [PATCH] Remove MODULE_PARM 2006-03-25 08:22:52 -08:00
cciss_cmd.h [PATCH] cciss: direct lookup for command completions 2005-09-13 08:22:30 -07:00
cciss_scsi.c [PATCH] kzalloc() conversion in drivers/block 2006-03-27 09:29:02 +02:00
cciss_scsi.h
cciss.c [PATCH] unused label in drivers/block/cciss. 2006-03-27 09:29:03 +02:00
cciss.h [PATCH] cciss: avoid defining useless MAJOR_NR macro 2006-01-08 20:14:09 -08:00
cpqarray.c BUG_ON() Conversion in drivers/block/ 2006-03-24 18:50:27 +01:00
cpqarray.h
cryptoloop.c [CRYPTO]: Use CRYPTO_TFM_REQ_MAY_SLEEP where appropriate 2005-09-01 17:43:25 -07:00
DAC960.c [SCSI] fix (unlikely) memory leak in DAC960 driver 2006-05-20 09:23:23 -05:00
DAC960.h
floppy.c [PATCH] drivers/block/*: use time_after() and friends 2006-03-28 09:16:06 -08:00
ida_cmd.h
ida_ioctl.h
Kconfig [PATCH] let BLK_DEV_RAM_COUNT depend on BLK_DEV_RAM 2006-03-28 09:16:02 -08:00
loop.c [PATCH] loop: potential kernel hang waiting for kthread 2006-03-26 08:56:57 -08:00
Makefile [PATCH] block: floppy98 removal, really. 2006-03-24 07:33:26 -08:00
nbd.c [PATCH] drivers/block/nbd.c: don't defer compile error to runtime 2006-03-25 08:22:52 -08:00
pktcdvd.c [PATCH] mempool: use common mempool kmalloc allocator 2006-03-26 08:56:59 -08:00
ps2esdi.c [PATCH] Fix drivers/block/ps2esdi.c compile 2006-01-16 20:24:45 -08:00
rd.c [PATCH] set_page_dirty() return value fixes 2006-03-24 07:33:26 -08:00
smart1,2.h
swim3.c [PATCH] powerpc: Remove device_node addrs/n_addr 2006-01-09 14:53:55 +11:00
swim_iop.c [PATCH] drivers/block: fix-up schedule_timeout() usage 2005-09-10 10:06:38 -07:00
sx8.c Merge master.kernel.org:/pub/scm/linux/kernel/git/gregkh/pci-2.6 2006-01-09 18:41:42 -08:00
ub.c [PATCH] USB: ub 03 drop stall clearing 2006-03-20 14:50:00 -08:00
umem.c [PATCH] Replace 0xff.. with correct DMA_xBIT_MASK 2006-03-28 09:16:07 -08:00
viodasd.c [PATCH] powerpc: remove bitfields from HvLpEvent 2006-01-12 20:09:29 +11:00
xd.c [PATCH] drivers/block: Use ARRAY_SIZE macro 2006-01-08 20:14:08 -08:00
xd.h
z2ram.c [PATCH] vfree and kfree cleanup in drivers/ 2005-09-10 10:06:30 -07:00