From: Lars-Peter Clausen Date: Fri, 6 May 2016 11:26:02 +0000 (+0200) Subject: victor-dmm: Fix USB device list leak X-Git-Tag: libsigrok-0.5.0~426 X-Git-Url: https://sigrok.org/gitaction?a=commitdiff_plain;h=4af1f68f9a69daa22064c4b99831f6dee5c5fbb2;p=libsigrok.git victor-dmm: Fix USB device list leak The victor-dmm driver uses libusb_get_device_list() but neglects to call the matching libusb_device_list_free() on the error path of libusb_open(). This will leak the memory allocated for the list as well as all the devices. To address the issue use sr_usb_open() instead of open-coding its functionality. sr_usb_open() correctly handles freeing the device list. The issue was discovered using the following coccinelle semantic patch: // @@ identifier devlist; expression ctx, ret; statement S; @@ ( libusb_get_device_list(ctx, &devlist); | ret = libusb_get_device_list(ctx, &devlist); if (ret < 0) S ) ... when != libusb_free_device_list(devlist, ...) *return ...; // Signed-off-by: Lars-Peter Clausen --- diff --git a/src/hardware/victor-dmm/api.c b/src/hardware/victor-dmm/api.c index aefbe8b2..47854ee9 100644 --- a/src/hardware/victor-dmm/api.c +++ b/src/hardware/victor-dmm/api.c @@ -107,28 +107,13 @@ static int dev_open(struct sr_dev_inst *sdi) struct sr_dev_driver *di = sdi->driver; struct drv_context *drvc = di->context; struct sr_usb_dev_inst *usb; - libusb_device **devlist; - int ret, i; - char connection_id[64]; + int ret; usb = sdi->conn; - libusb_get_device_list(drvc->sr_ctx->libusb_ctx, &devlist); - for (i = 0; devlist[i]; i++) { - usb_get_port_path(devlist[i], connection_id, sizeof(connection_id)); - if (strcmp(sdi->connection_id, connection_id)) - continue; - if ((ret = libusb_open(devlist[i], &usb->devhdl))) { - sr_err("Failed to open device: %s.", libusb_error_name(ret)); - return SR_ERR; - } - break; - } - libusb_free_device_list(devlist, 1); - if (!devlist[i]) { - sr_err("Device not found."); - return SR_ERR; - } + ret = sr_usb_open(drvc->sr_ctx->libusb_ctx, usb); + if (ret != SR_OK) + return ret; /* The device reports as HID class, so the kernel would have * claimed it. */