Calling media_entity_cleanup() on a cleaned-up entity would result into
double free of the entity->links pointer and likely memory corruption as
well. Setting entity->links as NULL right after the kfree() avoids this.
Signed-off-by: Sakari Ailus <sakari.ailus@xxxxxxxxxxxxxxx>
---
drivers/media/media-entity.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/media/media-entity.c b/drivers/media/media-entity.c
index 37c334e..c404354 100644
--- a/drivers/media/media-entity.c
+++ b/drivers/media/media-entity.c
@@ -83,6 +83,7 @@ void
media_entity_cleanup(struct media_entity *entity)
{
kfree(entity->links);
+ entity->links = NULL;
}
EXPORT_SYMBOL_GPL(media_entity_cleanup);
--
1.8.3.2
--
To unsubscribe from this list: send the line "unsubscribe linux-media" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
