On Wed, Nov 18, 2015 at 01:43:30PM +0100, Christian Gromm wrote: > This patch fixes a potential MBO leak in case function aim_read() > exits right after the MBO has been fetched from kfifo and before > it has been saved to the variable stacked_mbo. > > Signed-off-by: Christian Gromm <christian.gromm@xxxxxxxxxxxxx> > --- > drivers/staging/most/aim-cdev/cdev.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/staging/most/aim-cdev/cdev.c b/drivers/staging/most/aim-cdev/cdev.c > index 6ee4eb2..86194ce 100644 > --- a/drivers/staging/most/aim-cdev/cdev.c > +++ b/drivers/staging/most/aim-cdev/cdev.c > @@ -237,6 +237,7 @@ aim_read(struct file *filp, char __user *buf, size_t count, loff_t *offset) > (!channel->dev)))) > return -ERESTARTSYS; > } > + channel->stacked_mbo = mbo; You can also come out of the while loop when channel->dev is NULL. Maybe this should have been: if (channel->dev) channel->stacked_mbo = mbo; regards sudip _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel