git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Todd Kjos <tkjos@google.com>
	Tue, 1 Oct 2024 23:11:47 +0000 (23:11 +0000)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 14 Dec 2024 18:51:04 +0000 (19:51 +0100)
commit	403efb4457c0c8f8f51e904cc57d39193780c6bd
tree	8963f968a934bcd27bcd156ecaf1c96faeb462b2	tree
parent	656af7b3dcf1442308ffbea242406d8d4eeb0fa4	commit \| diff

PCI: Fix reset_method_store() memory leak

[ Upstream commit 2985b1844f3f3447f2d938eff1ef6762592065a5 ]

In reset_method_store(), a string is allocated via kstrndup() and assigned
to the local "options". options is then used in with strsep() to find
spaces:

while ((name = strsep(&options, " ")) != NULL) {

If there are no remaining spaces, then options is set to NULL by strsep(),
so the subsequent kfree(options) doesn't free the memory allocated via
kstrndup().

Fix by using a separate tmp_options to iterate with strsep() so options is
preserved.

Link: https://lore.kernel.org/r/20241001231147.3583649-1-tkjos@google.com
Fixes: d88f521da3ef ("PCI: Allow userspace to query and set device reset mechanism")
Signed-off-by: Todd Kjos <tkjos@google.com>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>