On Sun, 29 Jul 2007 17:00:46 +0200
Adrian Bunk <bunk@xxxxxxxxx> wrote:
> The Coverity checker spotted the following use-after-free in
> acpi_battery_add():
>
> <-- snip -->
>
> ...
> static int acpi_battery_add(struct acpi_device *device)
> {
> ...
> if (result) {
> acpi_battery_remove_fs(device);
> kfree(battery);
> }
>
> mutex_unlock(&battery->mutex);
> ...
>
> <-- snip -->
>
This?
--- a/drivers/acpi/battery.c~acpi_battery_add-use-after-free
+++ a/drivers/acpi/battery.c
@@ -931,13 +931,12 @@ static int acpi_battery_add(struct acpi_
end:
+ mutex_unlock(&battery->mutex);
if (result) {
acpi_battery_remove_fs(device);
kfree(battery);
}
- mutex_unlock(&battery->mutex);
-
return result;
}
_
-
To unsubscribe from this list: send the line "unsubscribe linux-acpi" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
