Re: [2.6 patch] drivers/ieee1394/raw1394.c: fix a NULL pointer dereference

From: Stefan Richter
Date: Mon Nov 21 2005 - 14:15:10 EST

Next message: Lee Revell: "Re: 2.6.14-rt13 does not build"
Previous message: Sidney Li: "2.6.14.2 detects only one processor (out of 2)"
In reply to: Adrian Bunk: "Re: [2.6 patch] drivers/ieee1394/raw1394.c: fix a NULL pointer dereference"
Next in thread: Ben Collins: "Re: [2.6 patch] drivers/ieee1394/raw1394.c: fix a NULL pointer dereference"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Adrian Bunk wrote:
[...]

There's no need to free cache at this point, and it's getting free'd later.

Signed-off-by: Adrian Bunk <bunk@xxxxxxxxx>

--- linux-2.6.15-rc1-mm2-full/drivers/ieee1394/raw1394.c.old 2005-11-20 22:08:57.000000000 +0100
+++ linux-2.6.15-rc1-mm2-full/drivers/ieee1394/raw1394.c 2005-11-21 00:49:38.000000000 +0100
@@ -2131,7 +2131,6 @@
req->req.length)) {
csr1212_release_keyval(fi->csr1212_dirs[dr]);
fi->csr1212_dirs[dr] = NULL;
- CSR1212_FREE(cache);
ret = -EFAULT;
} else {
cache->len = req->req.length;

This looks OK to me. But there seems to be another bug. I think the line

kfree(cache);

after the if and else blocks has to be replaced by

CSR1212_FREE(cache);

--
Stefan Richter
-=====-=-=-= =-== =-=-=
http://arcgraph.de/sr/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Lee Revell: "Re: 2.6.14-rt13 does not build"
Previous message: Sidney Li: "2.6.14.2 detects only one processor (out of 2)"
In reply to: Adrian Bunk: "Re: [2.6 patch] drivers/ieee1394/raw1394.c: fix a NULL pointer dereference"
Next in thread: Ben Collins: "Re: [2.6 patch] drivers/ieee1394/raw1394.c: fix a NULL pointer dereference"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]