Patchwork dmaengine: qcom_hidma: avoid freeing an uninitialized pointer

login
register
mail settings
Submitter Anton Vasilyev
Date Aug. 10, 2017, 3:54 p.m.
Message ID <1502380465-13434-1-git-send-email-vasilyev@ispras.ru>
Download mbox | patch
Permalink /patch/9894059/
State Not Applicable, archived
Headers show

Comments

Anton Vasilyev - Aug. 10, 2017, 3:54 p.m.
If device_node np doesn't contain child or first child doesn't have
property "reg" then hidma_mgmt_of_populate_channels() perfoms
deallocation on uninitialized local variable res.

The patch adds res initialization by NULL.

Found by Linux Driver Verification project (linuxtesting.org).

Signed-off-by: Anton Vasilyev <vasilyev@ispras.ru>
---
 drivers/dma/qcom/hidma_mgmt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Sinan Kaya - Aug. 10, 2017, 4:17 p.m.
On 8/10/2017 11:54 AM, Anton Vasilyev wrote:
> If device_node np doesn't contain child or first child doesn't have
> property "reg" then hidma_mgmt_of_populate_channels() perfoms
> deallocation on uninitialized local variable res.
> 
> The patch adds res initialization by NULL.
> 
> Found by Linux Driver Verification project (linuxtesting.org).
> 
> Signed-off-by: Anton Vasilyev <vasilyev@ispras.ru>
> ---
>  drivers/dma/qcom/hidma_mgmt.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/dma/qcom/hidma_mgmt.c b/drivers/dma/qcom/hidma_mgmt.c
> index 5a0991b..89e36e3 100644
> --- a/drivers/dma/qcom/hidma_mgmt.c
> +++ b/drivers/dma/qcom/hidma_mgmt.c
> @@ -354,7 +354,7 @@ static int __init hidma_mgmt_of_populate_channels(struct device_node *np)
>  	struct platform_device_info pdevinfo;
>  	struct of_phandle_args out_irq;
>  	struct device_node *child;
> -	struct resource *res;
> +	struct resource *res = NULL;
>  	const __be32 *cell;
>  	int ret = 0, size, i, num;
>  	u64 addr, addr_size;
> 

Reviewed-by: Sinan Kaya <okaya@codeaurora.org>
Vinod Koul - Aug. 21, 2017, 4:21 p.m.
On Thu, Aug 10, 2017 at 06:54:25PM +0300, Anton Vasilyev wrote:
> If device_node np doesn't contain child or first child doesn't have
> property "reg" then hidma_mgmt_of_populate_channels() perfoms
> deallocation on uninitialized local variable res.
> 
> The patch adds res initialization by NULL.
> 
> Found by Linux Driver Verification project (linuxtesting.org).

Applied, thanks

Patch

diff --git a/drivers/dma/qcom/hidma_mgmt.c b/drivers/dma/qcom/hidma_mgmt.c
index 5a0991b..89e36e3 100644
--- a/drivers/dma/qcom/hidma_mgmt.c
+++ b/drivers/dma/qcom/hidma_mgmt.c
@@ -354,7 +354,7 @@  static int __init hidma_mgmt_of_populate_channels(struct device_node *np)
 	struct platform_device_info pdevinfo;
 	struct of_phandle_args out_irq;
 	struct device_node *child;
-	struct resource *res;
+	struct resource *res = NULL;
 	const __be32 *cell;
 	int ret = 0, size, i, num;
 	u64 addr, addr_size;