Il 09/02/23 10:25, Jiasheng Jiang ha scritto:
Add the check for the return value of the ida_alloc in order to avoid
NULL pointer dereference.
Moreover, free allocated "ctx->id" if mdp_m2m_open fails later in order
to avoid memory leak.
Fixes: 61890ccaefaf ("media: platform: mtk-mdp3: add MediaTek MDP3 driver")
Signed-off-by: Jiasheng Jiang <jiasheng@xxxxxxxxxxx>
---
Changelog:
v2 -> v3:
1. Fix the goto label.
v1 -> v2:
1. Fix the check for the ida_alloc.
---
drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c b/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c
index 5f74ea3b7a52..a2d204e90aa4 100644
--- a/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c
+++ b/drivers/media/platform/mediatek/mdp3/mtk-mdp3-m2m.c
@@ -567,6 +567,11 @@ static int mdp_m2m_open(struct file *file)
}
ctx->id = ida_alloc(&mdp->mdp_ida, GFP_KERNEL);
+ if (ctx->id < 0) {
There's one main not-so-minor issue here: ctx->id is u32.
Unsigned types cannot evaluate less than zero: they're .. unsigned!
There's your fix:
ret = ida_alloc ...
if (ret)
....
ctx->id = ret;
Enjoy.
Regards,
Angelo