Re: [PATCH v2] device property: fix of node refcount leak in fwnode_graph_get_next_endpoint()

From: Yang Yingliang
Date: Tue Nov 22 2022 - 08:13:01 EST



On 2022/11/22 20:54, Andy Shevchenko wrote:
On Tue, Nov 22, 2022 at 08:00:39PM +0800, Yang Yingliang wrote:
The 'parent' returned by fwnode_graph_get_port_parent()
with refcount incremented when 'prev' is not null, it
NULL

needs be put when finish using it.

Because the parent is const, introduce a new variable to
store the returned fwnode, then put it before returning
from fwnode_graph_get_next_endpoint().
...

fwnode_graph_get_next_endpoint(const struct fwnode_handle *fwnode,
struct fwnode_handle *prev)
{
+ struct fwnode_handle *ep, *port_parent = NULL;
const struct fwnode_handle *parent;
- struct fwnode_handle *ep;
/*
* If this function is in a loop and the previous iteration returned
* an endpoint from fwnode->secondary, then we need to use the secondary
* as parent rather than @fwnode.
*/
- if (prev)
- parent = fwnode_graph_get_port_parent(prev);
- else
+ if (prev) {
+ port_parent = fwnode_graph_get_port_parent(prev);
+ parent = port_parent;
+ } else {
parent = fwnode;
+ }
if (IS_ERR_OR_NULL(parent))
return NULL;
ep = fwnode_call_ptr_op(parent, graph_get_next_endpoint, prev);
- if (ep)
+ if (ep) {
+ fwnode_handle_put(port_parent);
return ep;
+ }
- return fwnode_graph_get_next_endpoint(parent->secondary, NULL);
+ ep = fwnode_graph_get_next_endpoint(parent->secondary, NULL);
+ fwnode_handle_put(port_parent);
+ return ep;
It seems too complicated for the simple fix.

As I said, just drop const qualifier and add fwnode_handle_get() in the 'else'
branch. This will allow you to drop if (prev) at the end.

fwnode is const, fwnode_handle_get doesn't accept this type.