From a6e8417678fc52d4046d9a9bd31d005abb9e510e Mon Sep 17 00:00:00 2001
From: Hyung Taek Ryoo <hryoo@nvidia.com>
Date: Wed, 5 Mar 2014 13:42:45 -0800
Subject: security: tlk_driver: fix memory leak from tlk logging

This change to fix memory leak from tlk logging.

Bug 1467162

Change-Id: I81d520ed4637861cbaab3bd7dcda063ecce9a123
Signed-off-by: Hyung Taek Ryoo <hryoo@nvidia.com>
Reviewed-on: http://git-master/r/378071
(cherry picked from commit 50810a36bf0726c3df7f3d25f886e9852d43e13b)
Reviewed-on: http://git-master/r/380740
Reviewed-by: Bharat Nihalani <bnihalani@nvidia.com>
---
 security/tlk_driver/ote_log.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

(limited to 'security')

diff --git a/security/tlk_driver/ote_log.c b/security/tlk_driver/ote_log.c
index 0a1fbd79b617..9a70077dbe7b 100644
--- a/security/tlk_driver/ote_log.c
+++ b/security/tlk_driver/ote_log.c
@@ -128,12 +128,13 @@ void ote_print_logs(void)
 {
 	char *text = NULL;
 	char *temp = NULL;
+	char *buffer = NULL;
 
 	if (!ote_logging_enabled)
 		return;
 
-	text = kzalloc(LOGBUF_SIZE, GFP_KERNEL);
-	BUG_ON(!text);
+	buffer = kzalloc(LOGBUF_SIZE, GFP_KERNEL);
+	BUG_ON(!buffer);
 
 	/* This detects if the buffer proved to be too small to hold the data.
 	 * If buffer is not large enough, it overwrites it's oldest data,
@@ -144,12 +145,17 @@ void ote_print_logs(void)
 		cb->overflow = 0;
 	}
 
-	if (circ_buf_copy(cb, text) != 0) {
-		kfree(text);
+	if (circ_buf_copy(cb, buffer) != 0) {
+		kfree(buffer);
 		return;
 	}
 	cb->buf[cb->end] = '\0';
 
+	/* In case no delimiter was found,
+	 * the token is taken to be the entire string *stringp,
+	 * and *stringp is made NULL.
+	 */
+	text = buffer;
 	temp = strsep(&text, "\n");
 	while (temp != NULL) {
 		if (strnlen(temp, LOGBUF_SIZE))
@@ -159,7 +165,7 @@ void ote_print_logs(void)
 
 	/* Indicate that buffer is empty */
 	cb->start = cb->end;
-	kfree(text);
+	kfree(buffer);
 }
 #else
 void ote_print_logs(void) {}
-- 
cgit v1.2.3