Skip to content

Commit becc4ca

Browse files
Aleksandr MiloserdovChristoph Hellwig
Aleksandr Miloserdov
authored and
Christoph Hellwig
committed
nvmet: fix memory leak in nvmet_subsys_attr_model_store_locked
Since model_number is allocated before it needs to be freed before kmemdump_nul. Reviewed-by: Konstantin Shelekhin <k.shelekhin@yadro.com> Reviewed-by: Dmitriy Bogdanov <d.bogdanov@yadro.com> Signed-off-by: Aleksandr Miloserdov <a.miloserdov@yadro.com> Reviewed-by: Sagi Grimberg <sagi@grimberg.me> Signed-off-by: Christoph Hellwig <hch@lst.de>
1 parent d7ac8dc commit becc4ca

File tree

1 file changed

+5
-2
lines changed

1 file changed

+5
-2
lines changed

drivers/nvme/target/configfs.c

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1215,6 +1215,7 @@ static ssize_t nvmet_subsys_attr_model_store_locked(struct nvmet_subsys *subsys,
12151215
const char *page, size_t count)
12161216
{
12171217
int pos = 0, len;
1218+
char *val;
12181219

12191220
if (subsys->subsys_discovered) {
12201221
pr_err("Can't set model number. %s is already assigned\n",
@@ -1237,9 +1238,11 @@ static ssize_t nvmet_subsys_attr_model_store_locked(struct nvmet_subsys *subsys,
12371238
return -EINVAL;
12381239
}
12391240

1240-
subsys->model_number = kmemdup_nul(page, len, GFP_KERNEL);
1241-
if (!subsys->model_number)
1241+
val = kmemdup_nul(page, len, GFP_KERNEL);
1242+
if (!val)
12421243
return -ENOMEM;
1244+
kfree(subsys->model_number);
1245+
subsys->model_number = val;
12431246
return count;
12441247
}
12451248

0 commit comments

Comments
 (0)