From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
The clean up of struct d can potentiallly index into a null array
d->virt_buf causing errorenous pointer dereferencing issues on
kfree calls. Fix this by adding a null check on d->virt_buf before
attempting to traverse the array to kfree the objects.
Addresses-Coverity: ("Dereference after null check")
Fixes: 4c5014456305 ("regmap-irq: Introduce virtual regs to handle more config regs")
Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
---
drivers/base/regmap/regmap-irq.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/drivers/base/regmap/regmap-irq.c b/drivers/base/regmap/regmap-irq.c
index e6343ccc6aa1..760296a4b606 100644
--- a/drivers/base/regmap/regmap-irq.c
+++ b/drivers/base/regmap/regmap-irq.c
@@ -901,9 +901,11 @@ int regmap_add_irq_chip_fwnode(struct fwnode_handle *fwnode,
kfree(d->mask_buf);
kfree(d->status_buf);
kfree(d->status_reg_buf);
- for (i = 0; i < chip->num_virt_regs; i++)
- kfree(d->virt_buf[i]);
- kfree(d->virt_buf);
+ if (d->virt_buf) {
+ for (i = 0; i < chip->num_virt_regs; i++)
+ kfree(d->virt_buf[i]);
+ kfree(d->virt_buf);
+ }
kfree(d);
return ret;
}
--
2.30.2
