On 7/2/26 09:37, Mike Rapoport wrote:
> On Thu, Jul 02, 2026 at 03:24:36PM +0800, Jiangshan Yi wrote:
>> child_vmsplice_memcmp_fn() allocated two heap buffers (old, new) and
>> opened a pipe, but every return path - including the normal one -
>> returned directly without freeing the buffers or closing the pipe file
>> descriptors. It also used the malloc() results without checking them,
>> so memcpy(old, mem, size) would crash on allocation failure (size can
>> be as large as a huge page).
>>
>> The sibling helper do_test_vmsplice_in_parent() in the same file already
>> uses the goto-based cleanup pattern; follow it here.
> 
> The difference is that child_vmsplice_memcmp_fn() runs in a forked process
> that dies if any error happens, so the allocated resources are anyway
> immediately freed.

I think this is the third time I have to reject such a patch. :)

> 
>> Check the allocations up front
> 
> This is the only check that is actually required, others are nice to have
> at best.
> 
> I'd keep the code simple and only add the allocation check that returns
> -ENOMEM on failure.

malloc() failing here is rather unlikely ... but yeah, why not.


-- 
Cheers,

David
