ACPI: custom_method: fix a possible memory leak

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

In cm_write(), if the 'buf' is allocated memory but not fully consumed,
it is possible to reallocate the buffer without freeing it by passing
'*ppos' as 0 on a subsequent call.

Add an explicit kfree() before kzalloc() to prevent the possible memory
leak.

Fixes: 526b4af47f44 ("ACPI: Split out custom_method functionality into an own driver")
Signed-off-by: Mark Langsdorf <mlangsdo@redhat.com>
Cc: 5.4+ <stable@vger.kernel.org> # 5.4+
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>

authored by

Mark Langsdorf and committed by

Rafael J. Wysocki 5 years ago 1cfd8956 e483bb9a

1 changed file

expand all

drivers

acpi

custom_method.c

drivers/acpi/custom_method.c

··· 42 42 sizeof(struct acpi_table_header))) 43 43 return -EFAULT; 44 44 uncopied_bytes = max_size = table.length; 45 + /* make sure the buf is not allocated */ 46 + kfree(buf); 45 47 buf = kzalloc(max_size, GFP_KERNEL); 46 48 if (!buf) 47 49 return -ENOMEM;