Re: [patch] [media] em28xx-input: NULL dereference on error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Em Thu, 25 Sep 2014 17:37:46 +0200
Julia Lawall <julia.lawall@xxxxxxx> escreveu:

> On Thu, 25 Sep 2014, Frank Schäfer wrote:
> 
> > Hi Dan,
> >
> > Am 25.09.2014 um 13:39 schrieb Dan Carpenter:
> > > We call "kfree(ir->i2c_client);" in the error handling and that doesn't
> > > work if "ir" is NULL.
> > >
> > > Fixes: 78e719a5f30b ('[media] em28xx-input: i2c IR decoders: improve i2c_client handling')
> > > Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
> > >
> > > diff --git a/drivers/media/usb/em28xx/em28xx-input.c b/drivers/media/usb/em28xx/em28xx-input.c
> > > index 581f6da..23f8f6a 100644
> > > --- a/drivers/media/usb/em28xx/em28xx-input.c
> > > +++ b/drivers/media/usb/em28xx/em28xx-input.c
> > > @@ -712,8 +712,10 @@ static int em28xx_ir_init(struct em28xx *dev)
> > >  	em28xx_info("Registering input extension\n");
> > >
> > >  	ir = kzalloc(sizeof(*ir), GFP_KERNEL);
> > > +	if (!ir)
> > > +		return -ENOMEM;
> > >  	rc = rc_allocate_device();
> > > -	if (!ir || !rc)
> > > +	if (!rc)
> > >  		goto error;
> 
> I have never understood this kind of code.  If the kmalloc fails, why not
> give up immediately (as in Dan's patch)?


I agree. In this specific place, it can just return an error, as there's
nothing yet used, just like the previous clauses.

Regards,
Mauro
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux