hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MIPS: Fix memory leak in error path of HI16/LO16 relocation handling. 

Commit 6f5d2e970452b5c86906adcb8e7ad246f535ba39 (lmo) /
477c4b0740 (kernel.org) [[MIPS: VPE: Free
relocation chain on error.] fixed the same issue in the vpe loader in 2009
but back then the same bug in module.c went unfixed.

Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
Reported-by: Akhilesh Kumar <akhilesh.lxr@gmail.com>
This commit is contained in:
Ralf Baechle 2012-08-08 14:57:03 +02:00
parent 143ec74eb1
commit d3cac35cd0
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
arch/mips/kernel/module.c
View File

@ -146,16 +146,15 @@ static int apply_r_mips_lo16_rel(struct module *me, u32 *location, Elf_Addr v)
{ {
unsigned long insnlo = *location; unsigned long insnlo = *location;
Elf_Addr val, vallo; Elf_Addr val, vallo;
struct mips_hi16 *l, *next;
/* Sign extend the addend we extract from the lo insn. */ /* Sign extend the addend we extract from the lo insn. */
vallo = ((insnlo & 0xffff) ^ 0x8000) - 0x8000; vallo = ((insnlo & 0xffff) ^ 0x8000) - 0x8000;
if (mips_hi16_list != NULL) { if (mips_hi16_list != NULL) {
struct mips_hi16 *l;
l = mips_hi16_list; l = mips_hi16_list;
while (l != NULL) { while (l != NULL) {
struct mips_hi16 *next;
unsigned long insn; unsigned long insn;
/* /*
@ -201,6 +200,12 @@ static int apply_r_mips_lo16_rel(struct module *me, u32 *location, Elf_Addr v)
return 0; return 0;
out_danger: out_danger:
while (l) {
next = l->next;
kfree(l);
l = next;
}
pr_err("module %s: dangerous R_MIPS_LO16 REL relocation\n", me->name); pr_err("module %s: dangerous R_MIPS_LO16 REL relocation\n", me->name);
return -ENOEXEC; return -ENOEXEC;