________________________________________ From: Thorsten Blum thorsten.blum@linux.dev Sent: Friday, September 19, 2025 4:26 AM To: Don Brace - C33706 Don.Brace@microchip.com; James E.J. Bottomley James.Bottomley@HansenPartnership.com; Martin K. Petersen martin.petersen@oracle.com; Mike Miller mikem@beardog.cce.hp.com; James Bottomley James.Bottomley@suse.de; Andrew Morton akpm@linux-foundation.org; Alex Chiang achiang@hp.com; Stephen M. Cameron scameron@beardog.cce.hp.com Cc: Thorsten Blum thorsten.blum@linux.dev; stable@vger.kernel.org stable@vger.kernel.org; storagedev storagedev@microchip.com; linux-scsi@vger.kernel.org linux-scsi@vger.kernel.org; linux-kernel@vger.kernel.org linux-kernel@vger.kernel.org Subject: [PATCH RESEND] scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() EXTERNAL EMAIL: Do not click links or open attachments unless you know the content is safe
Replace kmalloc() followed by copy_from_user() with memdup_user() to fix a memory leak that occurs when copy_from_user(buff[sg_used],,) fails and the 'cleanup1:' path does not free the memory for 'buff[sg_used]'. Using memdup_user() avoids this by freeing the memory internally.
Since memdup_user() already allocates memory, use kzalloc() in the else branch instead of manually zeroing 'buff[sg_used]' using memset(0).
Cc: stable@vger.kernel.org Fixes: edd163687ea5 ("[SCSI] hpsa: add driver for HP Smart Array controllers.") Signed-off-by: Thorsten Blum thorsten.blum@linux.dev
Acked-By: Don Brace don.brace@microchip.com
Thanks for your patch.