bpftool: Fix memory leak in prog_dump()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Following the extraction of prog_dump() from do_dump(), the struct btf
allocated in prog_dump() is no longer freed on error; the struct
bpf_prog_linfo is not freed at all. Make sure we release them before
exiting the function.

Fixes: ec2025095cf6 ("bpftool: Match several programs with same tag")
Signed-off-by: Quentin Monnet <quentin@isovalent.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20211110114632.24537-2-quentin@isovalent.com

authored by

Quentin Monnet and committed by

Andrii Nakryiko 4 years ago ebbd7f64 325d956d

+9 -6

1 changed file

expand all

tools

bpf

bpftool

prog.c

+9 -6

tools/bpf/bpftool/prog.c

··· 709 709 char func_sig[1024]; 710 710 unsigned char *buf; 711 711 __u32 member_len; 712 + int fd, err = -1; 712 713 ssize_t n; 713 - int fd; 714 714 715 715 if (mode == DUMP_JITED) { 716 716 if (info->jited_prog_len == 0 || !info->jited_prog_insns) { ··· 749 749 if (fd < 0) { 750 750 p_err("can't open file %s: %s", filepath, 751 751 strerror(errno)); 752 - return -1; 752 + goto exit_free; 753 753 } 754 754 755 755 n = write(fd, buf, member_len); ··· 757 757 if (n != (ssize_t)member_len) { 758 758 p_err("error writing output file: %s", 759 759 n < 0 ? strerror(errno) : "short write"); 760 - return -1; 760 + goto exit_free; 761 761 } 762 762 763 763 if (json_output) ··· 771 771 info->netns_ino, 772 772 &disasm_opt); 773 773 if (!name) 774 - return -1; 774 + goto exit_free; 775 775 } 776 776 777 777 if (info->nr_jited_func_lens && info->jited_func_lens) { ··· 866 866 kernel_syms_destroy(&dd); 867 867 } 868 868 869 - btf__free(btf); 869 + err = 0; 870 870 871 - return 0; 871 + exit_free: 872 + btf__free(btf); 873 + bpf_prog_linfo__free(prog_linfo); 874 + return err; 872 875 } 873 876 874 877 static int do_dump(int argc, char **argv)