Details

Issue of the Implementation # K0004

Brief

(ath5k) Memory kcalloc'ed in ath5k_eeprom_convert_pcal_info_* is not always kfree'd

Detailed Description

This problem concerns 'ath5k' driver.

When ath5k_hw_init() performs necessary initialization tasks, ath5k_eeprom_init() is called. One of ath5k_eeprom_convert_pcal_info_[5111|5112|2413]() functions is called then among other things. On the system where the problem showed up, it was ath5k_eeprom_convert_pcal_info_2413() but everything also applies to the other two functions.

(drivers/net/wireless/ath/ath5k/eeprom.c) ath5k_eeprom_convert_pcal_info_2413() allocates several memory blocks in 'for' loops with kcalloc (see the lines 1153, 1176, 1182). If one of these allocations fails, the memory blocks allocated in ath5k_eeprom_convert_pcal_info_2413() before will probably never be freed.

They could be freed by ath5k_eeprom_free_pcal_info() but this function is not called in this case.

Component

linux-kernel 2.6.39-rc1

References

Problems found by KEDR

Accepted

Kernel Bug Tracker, bug #32722

Status

Fixed in the kernel 3.0

[Home]

Русский

About Us

Projects

Results