hash_add() can fail and for this reason its return value has to be correctly interpreted to avoid memory leaks.
Signed-off-by: Antonio Quartulli ordex@autistici.org ---
This patch needs "[PATCH] batman-adv: hash_add() has to discriminate on the return value" to work
translation-table.c | 27 +++++++++++++++++++++------ 1 files changed, 21 insertions(+), 6 deletions(-)
diff --git a/translation-table.c b/translation-table.c index fb6931d..267a287 100644 --- a/translation-table.c +++ b/translation-table.c @@ -188,6 +188,7 @@ void tt_local_add(struct net_device *soft_iface, const uint8_t *addr) struct bat_priv *bat_priv = netdev_priv(soft_iface); struct tt_local_entry *tt_local_entry = NULL; struct tt_global_entry *tt_global_entry = NULL; + int hash_added;
tt_local_entry = tt_local_hash_find(bat_priv, addr);
@@ -220,8 +221,14 @@ void tt_local_add(struct net_device *soft_iface, const uint8_t *addr) * (consistency check) */ tt_local_entry->flags |= TT_CLIENT_NEW;
- hash_add(bat_priv->tt_local_hash, compare_ltt, choose_orig, - tt_local_entry, &tt_local_entry->hash_entry); + hash_added = hash_add(bat_priv->tt_local_hash, compare_ltt, + choose_orig, tt_local_entry, + &tt_local_entry->hash_entry); + if (hash_added != 0) + tt_local_entry_free_ref(tt_local_entry); + + if (hash_added < 0) + goto out;
/* remove address from global hash if present */ tt_global_entry = tt_global_hash_find(bat_priv, addr); @@ -500,6 +507,7 @@ int tt_global_add(struct bat_priv *bat_priv, struct orig_node *orig_node, struct tt_global_entry *tt_global_entry; struct orig_node *orig_node_tmp; int ret = 0; + int hash_added;
tt_global_entry = tt_global_hash_find(bat_priv, tt_addr);
@@ -519,10 +527,17 @@ int tt_global_add(struct bat_priv *bat_priv, struct orig_node *orig_node, tt_global_entry->roam_at = 0; atomic_set(&tt_global_entry->refcount, 2);
- hash_add(bat_priv->tt_global_hash, compare_gtt, - choose_orig, tt_global_entry, - &tt_global_entry->hash_entry); - atomic_inc(&orig_node->tt_size); + hash_added = hash_add(bat_priv->tt_global_hash, compare_gtt, + choose_orig, tt_global_entry, + &tt_global_entry->hash_entry); + if (hash_added != 0) + tt_global_entry_free_ref(tt_global_entry); + + if (hash_added < 0) + goto out; + + if (!hash_added) + atomic_inc(&orig_node->tt_size); } else { if (tt_global_entry->orig_node != orig_node) { atomic_dec(&tt_global_entry->orig_node->tt_size);
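Review bot: In the tt_local_add() hunk, at `if (hash_added != 0)`, a positive return drops one reference and then falls through to the "remove address from global hash if present" code below as if the insert had succeeded; only the negative case leaves via `goto out`. Consider leaving the function for every non-zero result, and add a short comment stating what 0, >0 and <0 from hash_add() mean, since that convention comes from the prerequisite patch and cannot be read off this hunk. It is also worth confirming that the `out` path does not release tt_local_entry a second time after tt_local_entry_free_ref() has already run here.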
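Review bot: In the tt_global_add() hunk, the three consecutive tests on hash_added (`!= 0`, `< 0`, `!hash_added`) obscure the intent and let the positive case continue with one of the two references from `atomic_set(&tt_global_entry->refcount, 2)` already dropped. An if/else that handles 0 (increment tt_size) and non-zero (free the reference, `goto out`) once each would be easier to audit. The `goto out` on failure also leaves `ret` at its initial 0 from the declaration hunk above, so confirm that 0 is the value callers should see when the insert fails.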
On Sunday, July 10, 2011 01:50:57 Antonio Quartulli wrote:
@@ -220,8 +221,14 @@ void tt_local_add(struct net_device *soft_iface, const uint8_t *addr) * (consistency check) */ tt_local_entry->flags |= TT_CLIENT_NEW;
- hash_add(bat_priv->tt_local_hash, compare_ltt, choose_orig,
tt_local_entry, &tt_local_entry->hash_entry);
- hash_added = hash_add(bat_priv->tt_local_hash, compare_ltt,
choose_orig, tt_local_entry,
&tt_local_entry->hash_entry);
- if (hash_added != 0)
tt_local_entry_free_ref(tt_local_entry);
- if (hash_added < 0)
goto out;
No matter whether we add a new element to the tt hash or not we always generate a log message and throw a tt_local_event(). Is that what we want?
@@ -519,10 +527,17 @@ int tt_global_add(struct bat_priv *bat_priv, struct orig_node *orig_node, tt_global_entry->roam_at = 0; atomic_set(&tt_global_entry->refcount, 2);
hash_add(bat_priv->tt_global_hash, compare_gtt,
choose_orig, tt_global_entry,
&tt_global_entry->hash_entry);
atomic_inc(&orig_node->tt_size);
hash_added = hash_add(bat_priv->tt_global_hash, compare_gtt,
choose_orig, tt_global_entry,
&tt_global_entry->hash_entry);
if (hash_added != 0)
tt_global_entry_free_ref(tt_global_entry);
if (hash_added < 0)
goto out;
if (!hash_added)
atomic_inc(&orig_node->tt_size);
Here we only generate a log message when the element has been added or already exists. Do we want that too?
Regards, Marek
On Sat, Jul 23, 2011 at 11:17:22 +0200, Marek Lindner wrote:
On Sunday, July 10, 2011 01:50:57 Antonio Quartulli wrote:
@@ -220,8 +221,14 @@ void tt_local_add(struct net_device *soft_iface, const uint8_t *addr) * (consistency check) */ tt_local_entry->flags |= TT_CLIENT_NEW;
- hash_add(bat_priv->tt_local_hash, compare_ltt, choose_orig,
tt_local_entry, &tt_local_entry->hash_entry);
- hash_added = hash_add(bat_priv->tt_local_hash, compare_ltt,
choose_orig, tt_local_entry,
&tt_local_entry->hash_entry);
- if (hash_added != 0)
tt_local_entry_free_ref(tt_local_entry);
- if (hash_added < 0)
goto out;
No matter whether we add a new element to the tt hash or not we always generate a log message and throw a tt_local_event(). Is that what we want?
What about going to 'out' in case of hash_added != 0? In both cases (<0 or >0) we cannot go ahead with the function as the entry has already been added or it is not possible to add it.
@@ -519,10 +527,17 @@ int tt_global_add(struct bat_priv *bat_priv, struct orig_node *orig_node, tt_global_entry->roam_at = 0; atomic_set(&tt_global_entry->refcount, 2);
hash_add(bat_priv->tt_global_hash, compare_gtt,
choose_orig, tt_global_entry,
&tt_global_entry->hash_entry);
atomic_inc(&orig_node->tt_size);
hash_added = hash_add(bat_priv->tt_global_hash, compare_gtt,
choose_orig, tt_global_entry,
&tt_global_entry->hash_entry);
if (hash_added != 0)
tt_global_entry_free_ref(tt_global_entry);
if (hash_added < 0)
goto out;
if (!hash_added)
atomic_inc(&orig_node->tt_size);
Here we only generate a log message when the element has been added or already exists. Do we want that too?
The same as before.
Cheers, Antonio
On Sunday, July 31, 2011 23:53:19 Antonio Quartulli wrote:
- hash_added = hash_add(bat_priv->tt_local_hash, compare_ltt,
choose_orig, tt_local_entry,
&tt_local_entry->hash_entry);
- if (hash_added != 0)
tt_local_entry_free_ref(tt_local_entry);
- if (hash_added < 0)
goto out;
No matter whether we add a new element to the tt hash or not we always generate a log message and throw a tt_local_event(). Is that what we want?
What about going to 'out' in case of hash_added != 0? In both cases (<0 or >0) we cannot go ahead with the function as the entry has already been added or it is not possible to add it.
If I am not mistaken we should keep the additional "tt_local_entry_free_ref()" because we initialize the newly allocated struct with 2. Still, the original problem remains: We generate a log message claiming to have added a new entry even though it might fail later. You have to move the log message to the end of the function.
hash_added = hash_add(bat_priv->tt_global_hash, compare_gtt,
choose_orig, tt_global_entry,
&tt_global_entry->hash_entry);
if (hash_added != 0)
tt_global_entry_free_ref(tt_global_entry);
if (hash_added < 0)
goto out;
if (!hash_added)
atomic_inc(&orig_node->tt_size);
Here we only generate a log message when the element has been added or already exists. Do we want that too?
The same as before.
Yeah, same problem as above. :-)
Cheers, Marek
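The reference handling and reporting order discussed in this thread, as an added user-space model that is not part of the patch or of batman-adv: an entry starts with a refcount of 2, any non-zero insert result releases the table's reference, and the add is reported only after the insert succeeded. All `toy_*` names, the two-slot table and the counters are hypothetical stand-ins.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SLOTS 2 /* tiny table so the "cannot add" path is reachable */
struct entry { unsigned char addr[6]; int refcount; };
static struct entry *table[SLOTS];   /* toy stand-in for the tt hash */
static int live_entries, add_events; /* unfreed allocations; reported adds */

static void entry_free_ref(struct entry *e)
{
	if (--e->refcount == 0) { free(e); live_entries--; }
}

/* 0: added, >0: already present, <0: cannot add (convention used in the thread) */
static int toy_hash_add(struct entry *e)
{
	int i, slot = -1;
	for (i = 0; i < SLOTS; i++) {
		if (!table[i]) slot = i;
		else if (!memcmp(table[i]->addr, e->addr, 6)) return 1;
	}
	if (slot >= 0) table[slot] = e;
	return slot >= 0 ? 0 : -1;
}

/* Returns toy_hash_add()'s result; the add is reported only after it succeeded. */
static int toy_tt_add(const unsigned char *addr)
{
	struct entry *e = calloc(1, sizeof(*e));
	if (!e) return -1;
	memcpy(e->addr, addr, 6);
	e->refcount = 2; /* one for the table, one for this function */
	live_entries++;
	int hash_added = toy_hash_add(e);
	if (hash_added != 0)
		entry_free_ref(e); /* the table never took its reference */
	else
		add_events++;      /* report after the insert, not before */
	entry_free_ref(e);         /* drop this function's own reference */
	return hash_added;
}

int main(void)
{
	const unsigned char a[6] = {2, 0, 0, 0, 0, 1}; /* constructed address */
	int first = toy_tt_add(a), again = toy_tt_add(a);
	printf("first=%d again=%d live=%d events=%d\n", first, again, live_entries, add_events);
	return 0;
}
```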
b.a.t.m.a.n@lists.open-mesh.org