On Thu, 19 Nov 2015 10:41:24 +0530 Sudip Mukherjee <sudipm.mukherjee@xxxxxxxxx> wrote: > On Wed, Nov 18, 2015 at 01:43:30PM +0100, Christian Gromm wrote: > > This patch fixes a potential MBO leak in case function aim_read() > > exits right after the MBO has been fetched from kfifo and before > > it has been saved to the variable stacked_mbo. > > > > Signed-off-by: Christian Gromm <christian.gromm@xxxxxxxxxxxxx> > > --- > > drivers/staging/most/aim-cdev/cdev.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/drivers/staging/most/aim-cdev/cdev.c b/drivers/staging/most/aim-cdev/cdev.c > > index 6ee4eb2..86194ce 100644 > > --- a/drivers/staging/most/aim-cdev/cdev.c > > +++ b/drivers/staging/most/aim-cdev/cdev.c > > @@ -237,6 +237,7 @@ aim_read(struct file *filp, char __user *buf, size_t count, loff_t *offset) > > (!channel->dev)))) > > return -ERESTARTSYS; > > } > > + channel->stacked_mbo = mbo; > > You can also come out of the while loop when channel->dev is NULL. > > Maybe this should have been: > if (channel->dev) > channel->stacked_mbo = mbo; You're probably right. But the stacked_mbo pointer is going to be removed with patch 25 of this patchset anyway. This patch is just a part to get the whole story across. Thanks, Chris > > regards > sudip _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
