[Bugme-new] [Bug 32722] New: Memory kcalloc'ed in ath5k_eeprom_convert_pcal_info_*() is not always kfree'd

[bugzilla-daemon at bugzilla.kernel.org]

https://bugzilla.kernel.org/show_bug.cgi?id=32722

           Summary: Memory kcalloc'ed in
                    ath5k_eeprom_convert_pcal_info_*() is not always
                    kfree'd
           Product: Drivers
           Version: 2.5
    Kernel Version: 2.6.39-rc1
          Platform: All
        OS/Version: Linux
              Tree: Mainline
            Status: NEW
          Severity: normal
          Priority: P1
         Component: network-wireless
        AssignedTo: drivers_network-wireless at kernel-bugs.osdl.org
        ReportedBy: dame_eugene at mail.ru
        Regression: No


This problem concerns 'ath5k' driver. 

When ath5k_hw_init() performs necessary initialization tasks,
ath5k_eeprom_init() is called. One of
ath5k_eeprom_convert_pcal_info_[5111|5112|2413]() functions is called then
among other things. On my system, it is ath5k_eeprom_convert_pcal_info_2413()
but everything also applies to the other two functions.

(drivers/net/wireless/ath/ath5k/eeprom.c) 
ath5k_eeprom_convert_pcal_info_2413() allocates several memory blocks in 'for'
loops with kcalloc (see the lines 1153, 1176, 1182). It seems unlikely that any
of these allocations will fail, the sizes of the memory blocks are rather
small. Nevertheless, if one of these allocations fails, the memory blocks
allocated in ath5k_eeprom_convert_pcal_info_2413() before will probably never
be freed.

They could be freed by ath5k_eeprom_free_pcal_info() but this function is not
called in this case. 

Not a critical problem, it seems, but still.

-- 
Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.