Re: [PATCH] hidinput: kernel oops in out_cleanup in function hidinput_connect

From: Dmitry Torokhov
Date: Tue Feb 15 2011 - 11:46:34 EST


On Tue, Feb 15, 2011 at 03:41:10PM +0100, Benjamin Tissoires wrote:
> Goto out_cleanup infers a kernel oops: hidinput_disconnect calls
> input_unregister_driver to all members of hid->inputs.
> However, hidinput already has been added to hid->inputs even
> though input_register_device was not called.
>
> Signed-off-by: Benjamin Tissoires <benjamin.tissoires@xxxxxxx>

Yep, well spotted.

Reviewed-by: Dmitry Torokhov <dtor@xxxxxxx>

> ---
> Hi,
>
> while playing with hidinput_connect, I found this bug.
>
> Cheers,
> Benjamin
>
> drivers/hid/hid-input.c | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/drivers/hid/hid-input.c b/drivers/hid/hid-input.c
> index 7f552bf..f53911d 100644
> --- a/drivers/hid/hid-input.c
> +++ b/drivers/hid/hid-input.c
> @@ -928,6 +928,7 @@ int hidinput_connect(struct hid_device *hid, unsigned int force)
> return 0;
>
> out_cleanup:
> + list_del(&hidinput->list);
> input_free_device(hidinput->input);
> kfree(hidinput);
> out_unwind:
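Review bot: The new list_del(&hidinput->list) under out_cleanup is only safe if every jump to that label happens after hidinput has been linked into hid->inputs, and the hunk does not show the goto sites. A list_del on an entry that was never added would corrupt the list in its own right, so the changelog should state that all out_cleanup callers come after the list add, or the unlink should sit next to the specific failure that needs it. A one-line comment above the list_del saying that the entry is already on hid->inputs but not registered would also help the next reader. Separately, the changelog names input_unregister_driver while the counterpart it mentions is input_register_device; making the two consistent would avoid confusion.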
> --
> 1.7.4
>

--
Dmitry
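
The failure mode described in the changelog, as an added userspace model that is not part of the original thread or of the kernel source. The list helpers are simplified stand-ins for the kernel's, and struct model_input, pool and the function names are hypothetical; the "freed" flag stands in for kfree() so the model never touches released memory.

```c
#include <stddef.h>

/* Minimal userspace stand-in for the kernel's struct list_head. */
struct list_head { struct list_head *next, *prev; };

static void list_init(struct list_head *h) { h->next = h->prev = h; }
static void list_add_tail(struct list_head *n, struct list_head *h)
{
    n->prev = h->prev; n->next = h;
    h->prev->next = n; h->prev = n;
}
static void list_del(struct list_head *n)
{
    n->prev->next = n->next; n->next->prev = n->prev;
}

/* Hypothetical model of a hid_input; 'freed' marks what kfree() would release. */
struct model_input { struct list_head list; int freed; };
static struct model_input pool[1];   /* static storage, never really freed */

/* Connect path that links the object, then fails before registration.
 * with_fix selects whether the error path unlinks before freeing. */
static void model_connect_fail(struct list_head *inputs, int with_fix)
{
    struct model_input *in = &pool[0];
    in->freed = 0;
    list_add_tail(&in->list, inputs);   /* linked before registration */
    /* ... a later step fails here: goto out_cleanup ... */
    if (with_fix)
        list_del(&in->list);            /* the one-line fix */
    in->freed = 1;                      /* stands in for kfree(hidinput) */
}

/* What a later disconnect walk would visit: linked entries already freed. */
static int count_stale(struct list_head *inputs)
{
    int stale = 0;
    for (struct list_head *p = inputs->next; p != inputs; p = p->next) {
        struct model_input *in = (struct model_input *)
            ((char *)p - offsetof(struct model_input, list));
        stale += in->freed;
    }
    return stale;
}

/* Number of stale entries left on the list after a failed connect. */
int stale_after_failed_connect(int with_fix)
{
    struct list_head inputs;
    list_init(&inputs);
    model_connect_fail(&inputs, with_fix);
    return count_stale(&inputs);
}
```

Without the unlink, the list walk reaches one entry whose backing object is gone; with it, the walk finds nothing.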