Hello.
On 26-01-2014 2:58, Christian Engelmayer wrote:
Fix a memory leak in the usb_store_new_id() error paths. When bailing out
due to sanity checks, the function left the already allocated usb_dynid
struct in place.
Detected by Coverity: CID 1162604.
Signed-off-by: Christian Engelmayer <cengelma@xxxxxx>
---
This patch addresses a regression introduced in the following commits:
commit c63fe8f6ca3669f1d120ff70523e2911b9966574
usb: core: add sanity checks when using bInterfaceClass with new_id
commit 1b9fb31f7db7882d475bdc8b335403e8eaabf1ef
usb: core: check for valid id_table when using the RefId feature
commit 52a6966c350624db89addc3e6a825f5e797a73e4
usb: core: bail out if user gives an unknown RefId when using new_id
All that should be included in the changelog.
[...]
diff --git a/drivers/usb/core/driver.c b/drivers/usb/core/driver.c
index 5d01558..7e95661 100644
--- a/drivers/usb/core/driver.c
+++ b/drivers/usb/core/driver.c
[...]
@@ -82,8 +86,10 @@ ssize_t usb_store_new_id(struct usb_dynids *dynids,
if (id->match_flags)
dynid->id.driver_info = id->driver_info;
- else
+ else {
+ kfree(dynid);
return -ENODEV;
+ }
Once you add {} to one arm of the *if* stetement, you should add {} to all
other arms too -- see Documentation/CodingStyle.
WBR, Sergei
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
