diff mbox series

[v3,31/33] gprs: Fix memory leak

Message ID 20240620145139.1135899-31-denkenz@gmail.com (mailing list archive)
State Accepted
Commit 1d6b11ef2b426a7fa663bb056637ddf28572e719
Headers show
Series [v3,01/33] qmi: Remove qmi_free() | expand

Commit Message

Denis Kenzior June 20, 2024, 2:51 p.m. UTC 
As reported by lsan:
==1120532==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x761c0dadf359 in __interceptor_malloc /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x9ae9b9 in l_malloc ell/util.c:49
    #2 0x9f41a7 in l_uintset_new_from_range ell/uintset.c:181
    #3 0x8e486f in ofono_gprs_set_cid_range src/gprs.c:2669
    #4 0x55b8d0 in get_default_profile_number_cb drivers/qmimodem/gprs.c:399
    #5 0x52f822 in service_send_callback drivers/qmimodem/qmi.c:2311
    #6 0x51f461 in __rx_message drivers/qmimodem/qmi.c:801
    #7 0x521d22 in received_qmux_data drivers/qmimodem/qmi.c:1052
    #8 0x9da348 in io_callback ell/io.c:105
    #9 0x9d5077 in l_main_iterate ell/main.c:461
    #10 0x7811df in event_check src/main.c:182
    #11 0x761c0e1260ed  (/usr/lib/libglib-2.0.so.0+0x5b0ed) (BuildId: e717410de6953d0e1e85882d796204ca2675f1d4)
    #12 0x7ffe00000000  (<unknown module>)

Indirect leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x761c0dadf359 in __interceptor_malloc /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x9ae9b9 in l_malloc ell/util.c:49
    #2 0x9f4211 in l_uintset_new_from_range ell/uintset.c:182
    #3 0x8e486f in ofono_gprs_set_cid_range src/gprs.c:2669
    #4 0x55b8d0 in get_default_profile_number_cb drivers/qmimodem/gprs.c:399
    #5 0x52f822 in service_send_callback drivers/qmimodem/qmi.c:2311
    #6 0x51f461 in __rx_message drivers/qmimodem/qmi.c:801
    #7 0x521d22 in received_qmux_data drivers/qmimodem/qmi.c:1052
    #8 0x9da348 in io_callback ell/io.c:105
    #9 0x9d5077 in l_main_iterate ell/main.c:461
    #10 0x7811df in event_check src/main.c:182
    #11 0x761c0e1260ed  (/usr/lib/libglib-2.0.so.0+0x5b0ed) (BuildId: e717410de6953d0e1e85882d796204ca2675f1d4)
    #12 0x7ffe00000000  (<unknown module>)

The cid range can be set by the driver at any time.  If the gprs atom is
removed prior to being registered, the memory is not freed.  Fix that by
moving uintset deallocation to the remove method.
---
 src/gprs.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff mbox series

Patch

diff --git a/src/gprs.c b/src/gprs.c
index 57b823b0f1c6..97d6f382e87d 100644
--- a/src/gprs.c
+++ b/src/gprs.c
@@ -3014,9 +3014,6 @@  static void gprs_unregister(struct ofono_atom *atom)
 
 	free_contexts(gprs);
 
-	l_uintset_free(gprs->used_cids);
-	gprs->used_cids = NULL;
-
 	if (gprs->netreg_watch) {
 		if (gprs->status_watch) {
 			__ofono_netreg_remove_status_watch(gprs->netreg,
@@ -3055,6 +3052,9 @@  static void gprs_remove(struct ofono_atom *atom)
 	if (gprs->suspend_timeout)
 		g_source_remove(gprs->suspend_timeout);
 
+	l_uintset_free(gprs->used_cids);
+	gprs->used_cids = NULL;
+
 	l_uintset_free(gprs->used_pids);
 	gprs->used_pids = NULL;