Il 09/02/23 10:25, Jiasheng Jiang ha scritto:
Add the check for the return value of the ida_alloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx->id" if mdp_m2m_open fails later in order to avoid memory leak. Fixes: 61890ccaefaf ("media: platform: mtk-mdp3: add MediaTek MDP3 driver") Signed-off-by: Jiasheng Jiang <jiasheng@xxxxxxxxxxx> --- Changelog: v2 -> v3: 1. Fix the goto label. v1 -> v2: 1. Fix the check for the ida_alloc. --- drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c b/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c index 5f74ea3b7a52..a2d204e90aa4 100644 --- a/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c +++ b/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c @@ -567,6 +567,11 @@ static int mdp_m2m_open(struct file *file) }ctx->id = ida_alloc(&mdp->mdp_ida, GFP_KERNEL);+ if (ctx->id < 0) {
There's one main not-so-minor issue here: ctx->id is u32. Unsigned types cannot evaluate less than zero: they're .. unsigned! There's your fix: ret = ida_alloc ... if (ret) .... ctx->id = ret; Enjoy. Regards, Angelo
