On Mon, 18 Feb 2019 23:07:23 +0100
Jann Horn <ja...@google.com> wrote:
> The first version of this method was missing the check for
> `ret == PATH_MAX`; then such a check was added, but it didn't call kfree()
> on error, so there was still a small memory leak in the error case.
> Fix it by using strndup_user() instead of open-coding it.
>
This looks good to me.
Reviewed-by: Masami Hiramatsu <mhira...@kernel.org>
Thank you!
> Fixes: 0eadcc7a7bc0 ("perf/core: Fix perf_uprobe_init()")
> Signed-off-by: Jann Horn <ja...@google.com>
> ---
> compile-tested only
>
> kernel/trace/trace_event_perf.c | 14 +++++---------
> 1 file changed, 5 insertions(+), 9 deletions(-)
>
> diff --git a/kernel/trace/trace_event_perf.c b/kernel/trace/trace_event_perf.c
> index 76217bbef815..c744b02081c3 100644
> --- a/kernel/trace/trace_event_perf.c
> +++ b/kernel/trace/trace_event_perf.c
> @@ -299,15 +299,11 @@ int perf_uprobe_init(struct perf_event *p_event,
>
> if (!p_event->attr.uprobe_path)
> return -EINVAL;
> - path = kzalloc(PATH_MAX, GFP_KERNEL);
> - if (!path)
> - return -ENOMEM;
> - ret = strncpy_from_user(
> - path, u64_to_user_ptr(p_event->attr.uprobe_path), PATH_MAX);
> - if (ret == PATH_MAX)
> - return -E2BIG;
> - if (ret < 0)
> - goto out;
> +
> + path = strndup_user(u64_to_user_ptr(p_event->attr.uprobe_path),
> + PATH_MAX);
> + if (IS_ERR(path))
> + return PTR_ERR(path);
> if (path[0] == '\0') {
> ret = -EINVAL;
> goto out;
> --
> 2.21.0.rc0.258.g878e2cd30e-goog
>
--
Masami Hiramatsu <mhira...@kernel.org>
