Message ID | 20190919155636.3241-1-navid.emamdoost@gmail.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | [v2] iio: imu: adis16400: fix memory leak | expand |
On Thu, 2019-09-19 at 10:56 -0500, Navid Emamdoost wrote: > In adis_update_scan_mode_burst, if adis->buffer allocation fails release > the adis->xfer. > > v2: set adis->xfer = NULL to avoid any potential double free. > Reviewed-by: Alexandru Ardelean <alexandru.ardelean@analog.com> > Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com> > --- > drivers/iio/imu/adis_buffer.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/drivers/iio/imu/adis_buffer.c > b/drivers/iio/imu/adis_buffer.c > index 9ac8356d9a95..78fe83c1f4fe 100644 > --- a/drivers/iio/imu/adis_buffer.c > +++ b/drivers/iio/imu/adis_buffer.c > @@ -35,8 +35,11 @@ static int adis_update_scan_mode_burst(struct iio_dev > *indio_dev, > return -ENOMEM; > > adis->buffer = kzalloc(burst_length + sizeof(u16), GFP_KERNEL); > - if (!adis->buffer) > + if (!adis->buffer) { > + kfree(adis->xfer); > + adis->xfer = NULL; > return -ENOMEM; > + } > > tx = adis->buffer + burst_length; > tx[0] = ADIS_READ_REG(adis->burst->reg_cmd);
On Fri, 20 Sep 2019 06:46:05 +0000 "Ardelean, Alexandru" <alexandru.Ardelean@analog.com> wrote: > On Thu, 2019-09-19 at 10:56 -0500, Navid Emamdoost wrote: > > In adis_update_scan_mode_burst, if adis->buffer allocation fails release > > the adis->xfer. > > > > v2: set adis->xfer = NULL to avoid any potential double free. > > > > Reviewed-by: Alexandru Ardelean <alexandru.ardelean@analog.com> Applied to the fixes-togreg branch of iio.git. Thanks, Jonathan > > > Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com> > > --- > > drivers/iio/imu/adis_buffer.c | 5 ++++- > > 1 file changed, 4 insertions(+), 1 deletion(-) > > > > diff --git a/drivers/iio/imu/adis_buffer.c > > b/drivers/iio/imu/adis_buffer.c > > index 9ac8356d9a95..78fe83c1f4fe 100644 > > --- a/drivers/iio/imu/adis_buffer.c > > +++ b/drivers/iio/imu/adis_buffer.c > > @@ -35,8 +35,11 @@ static int adis_update_scan_mode_burst(struct iio_dev > > *indio_dev, > > return -ENOMEM; > > > > adis->buffer = kzalloc(burst_length + sizeof(u16), GFP_KERNEL); > > - if (!adis->buffer) > > + if (!adis->buffer) { > > + kfree(adis->xfer); > > + adis->xfer = NULL; > > return -ENOMEM; > > + } > > > > tx = adis->buffer + burst_length; > > tx[0] = ADIS_READ_REG(adis->burst->reg_cmd);
diff --git a/drivers/iio/imu/adis_buffer.c b/drivers/iio/imu/adis_buffer.c index 9ac8356d9a95..78fe83c1f4fe 100644 --- a/drivers/iio/imu/adis_buffer.c +++ b/drivers/iio/imu/adis_buffer.c @@ -35,8 +35,11 @@ static int adis_update_scan_mode_burst(struct iio_dev *indio_dev, return -ENOMEM; adis->buffer = kzalloc(burst_length + sizeof(u16), GFP_KERNEL); - if (!adis->buffer) + if (!adis->buffer) { + kfree(adis->xfer); + adis->xfer = NULL; return -ENOMEM; + } tx = adis->buffer + burst_length; tx[0] = ADIS_READ_REG(adis->burst->reg_cmd);
In adis_update_scan_mode_burst, if adis->buffer allocation fails release the adis->xfer. v2: set adis->xfer = NULL to avoid any potential double free. Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com> --- drivers/iio/imu/adis_buffer.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)