diff mbox series

[v2] iio: imu: adis16400: fix memory leak

Message ID 20190919155636.3241-1-navid.emamdoost@gmail.com (mailing list archive)
State New, archived
Headers show
Series [v2] iio: imu: adis16400: fix memory leak | expand

Commit Message

Navid Emamdoost Sept. 19, 2019, 3:56 p.m. UTC 
In adis_update_scan_mode_burst, if adis->buffer allocation fails release
the adis->xfer.

v2: set adis->xfer = NULL to avoid any potential double free.

Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
---
 drivers/iio/imu/adis_buffer.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Comments

Alexandru Ardelean Sept. 20, 2019, 6:46 a.m. UTC | #1 
On Thu, 2019-09-19 at 10:56 -0500, Navid Emamdoost wrote:
> In adis_update_scan_mode_burst, if adis->buffer allocation fails release
> the adis->xfer.
> 
> v2: set adis->xfer = NULL to avoid any potential double free.
> 

Reviewed-by: Alexandru Ardelean <alexandru.ardelean@analog.com>

> Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
> ---
>  drivers/iio/imu/adis_buffer.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/iio/imu/adis_buffer.c
> b/drivers/iio/imu/adis_buffer.c
> index 9ac8356d9a95..78fe83c1f4fe 100644
> --- a/drivers/iio/imu/adis_buffer.c
> +++ b/drivers/iio/imu/adis_buffer.c
> @@ -35,8 +35,11 @@ static int adis_update_scan_mode_burst(struct iio_dev
> *indio_dev,
>  		return -ENOMEM;
>  
>  	adis->buffer = kzalloc(burst_length + sizeof(u16), GFP_KERNEL);
> -	if (!adis->buffer)
> +	if (!adis->buffer) {
> +		kfree(adis->xfer);
> +		adis->xfer = NULL;
>  		return -ENOMEM;
> +	}
>  
>  	tx = adis->buffer + burst_length;
>  	tx[0] = ADIS_READ_REG(adis->burst->reg_cmd);
Jonathan Cameron Sept. 21, 2019, 6:15 p.m. UTC | #2 
On Fri, 20 Sep 2019 06:46:05 +0000
"Ardelean, Alexandru" <alexandru.Ardelean@analog.com> wrote:

> On Thu, 2019-09-19 at 10:56 -0500, Navid Emamdoost wrote:
> > In adis_update_scan_mode_burst, if adis->buffer allocation fails release
> > the adis->xfer.
> > 
> > v2: set adis->xfer = NULL to avoid any potential double free.
> >   
> 
> Reviewed-by: Alexandru Ardelean <alexandru.ardelean@analog.com>
Applied to the fixes-togreg branch of iio.git.

Thanks,

Jonathan

> 
> > Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
> > ---
> >  drivers/iio/imu/adis_buffer.c | 5 ++++-
> >  1 file changed, 4 insertions(+), 1 deletion(-)
> > 
> > diff --git a/drivers/iio/imu/adis_buffer.c
> > b/drivers/iio/imu/adis_buffer.c
> > index 9ac8356d9a95..78fe83c1f4fe 100644
> > --- a/drivers/iio/imu/adis_buffer.c
> > +++ b/drivers/iio/imu/adis_buffer.c
> > @@ -35,8 +35,11 @@ static int adis_update_scan_mode_burst(struct iio_dev
> > *indio_dev,
> >  		return -ENOMEM;
> >  
> >  	adis->buffer = kzalloc(burst_length + sizeof(u16), GFP_KERNEL);
> > -	if (!adis->buffer)
> > +	if (!adis->buffer) {
> > +		kfree(adis->xfer);
> > +		adis->xfer = NULL;
> >  		return -ENOMEM;
> > +	}
> >  
> >  	tx = adis->buffer + burst_length;
> >  	tx[0] = ADIS_READ_REG(adis->burst->reg_cmd);
diff mbox series

Patch

diff --git a/drivers/iio/imu/adis_buffer.c b/drivers/iio/imu/adis_buffer.c
index 9ac8356d9a95..78fe83c1f4fe 100644
--- a/drivers/iio/imu/adis_buffer.c
+++ b/drivers/iio/imu/adis_buffer.c
@@ -35,8 +35,11 @@  static int adis_update_scan_mode_burst(struct iio_dev *indio_dev,
 		return -ENOMEM;
 
 	adis->buffer = kzalloc(burst_length + sizeof(u16), GFP_KERNEL);
-	if (!adis->buffer)
+	if (!adis->buffer) {
+		kfree(adis->xfer);
+		adis->xfer = NULL;
 		return -ENOMEM;
+	}
 
 	tx = adis->buffer + burst_length;
 	tx[0] = ADIS_READ_REG(adis->burst->reg_cmd);