From: "Gustavo A. R. Silva" <gustavo@embeddedor.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Dan Carpenter <dan.carpenter@oracle.com>
Cc: devel@driverdev.osuosl.org, linux-kernel@vger.kernel.org,
"Gustavo A. R. Silva" <gustavo@embeddedor.com>
Subject: [PATCH v3] staging: ks7010_sdio: fix NULL pointer dereference and memory leak
Date: Thu, 12 Apr 2018 11:23:51 -0500 [thread overview]
Message-ID: <20180412162351.GA6043@embeddedor.com> (raw)
priv is being explicitly dereferenced when it is still null, when
jumping to goto label err_free_netdev, before it is properly
updated with a valid memory address.
Also, when this happens, memory allocated for netdev at line 854:
netdev = alloc_etherdev(sizeof(*priv)) is not being free'd before
return, hence there is a memory leak.
The current code looks a bit too complicated and can be replaced
by just directly freeing netdev before return.
Notice that card->priv = NULL isn't required because the next thing
we do to card is kfree(card).
Addresses-Coverity-ID: 1467844 ("Explicit null dereferenced")
Suggested-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Gustavo A. R. Silva <gustavo@embeddedor.com>
---
Changes in v3:
- Update subject and improve changelog.
- Add Suggested-by: Dan Carpenter <dan.carpenter@oracle.com>
Changes in v2:
- Update subject and commit changelog.
- Just directly free netdev. Thanks to Dan Carpenter for the feedback.
drivers/staging/ks7010/ks7010_sdio.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/staging/ks7010/ks7010_sdio.c b/drivers/staging/ks7010/ks7010_sdio.c
index b8f55a1..2c9b92c 100644
--- a/drivers/staging/ks7010/ks7010_sdio.c
+++ b/drivers/staging/ks7010/ks7010_sdio.c
@@ -932,8 +932,7 @@ static int ks7010_sdio_probe(struct sdio_func *func,
return 0;
err_free_netdev:
- free_netdev(priv->net_dev);
- card->priv = NULL;
+ free_netdev(netdev);
err_release_irq:
sdio_claim_host(func);
sdio_release_irq(func);
--
2.7.4
reply other threads:[~2018-04-12 16:23 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180412162351.GA6043@embeddedor.com \
--to=gustavo@embeddedor.com \
--cc=dan.carpenter@oracle.com \
--cc=devel@driverdev.osuosl.org \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.