[PATCH 4/6] mtd: nand_bbt: unify/fix error handling in nand_scan_bbt()

From: Peter Pan 潘栋 (peterpandong)
Date: Wed Apr 15 2015 - 22:14:17 EST


Don't leak this->bbt, and return early if check_create() fails. It helps
to have a single error path to avoid these problems.

Signed-off-by: Brian Norris <computersforpeace@xxxxxxxxx>
Signed-off-by: Peter Pan <peterpandong@xxxxxxxxxx>
---
drivers/mtd/nand/nand_bbt.c | 19 ++++++++++++-------
1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/drivers/mtd/nand/nand_bbt.c b/drivers/mtd/nand/nand_bbt.c
index 53e1758..516db2c 100644
--- a/drivers/mtd/nand/nand_bbt.c
+++ b/drivers/mtd/nand/nand_bbt.c
@@ -1077,7 +1077,7 @@ static void verify_bbt_descr(struct mtd_info *mtd, struct nand_bbt_descr *bd)
static int nand_scan_bbt(struct mtd_info *mtd, struct nand_bbt_descr *bd)
{
struct nand_chip *this = mtd->priv;
- int len, res = 0;
+ int len, res;
uint8_t *buf;
struct nand_bbt_descr *td = this->bbt_td;
struct nand_bbt_descr *md = this->bbt_md;
@@ -1098,10 +1098,9 @@ static int nand_scan_bbt(struct mtd_info *mtd, struct nand_bbt_descr *bd)
if (!td) {
if ((res = nand_memory_bbt(mtd, bd))) {
pr_err("nand_bbt: can't scan flash and build the RAM-based BBT\n");
- kfree(this->bbt);
- this->bbt = NULL;
+ goto err;
}
- return res;
+ return 0;
}
verify_bbt_descr(mtd, td);
verify_bbt_descr(mtd, md);
@@ -1111,9 +1110,8 @@ static int nand_scan_bbt(struct mtd_info *mtd, struct nand_bbt_descr *bd)
len += (len >> this->page_shift) * mtd->oobsize;
buf = vmalloc(len);
if (!buf) {
- kfree(this->bbt);
- this->bbt = NULL;
- return -ENOMEM;
+ res = -ENOMEM;
+ goto err;
}

/* Is the bbt at a given page? */
@@ -1125,6 +1123,8 @@ static int nand_scan_bbt(struct mtd_info *mtd, struct nand_bbt_descr *bd)
}

res = check_create(mtd, buf, bd);
+ if (res)
+ goto err;

/* Prevent the bbt regions from erasing / writing */
mark_bbt_region(mtd, td);
@@ -1132,6 +1132,11 @@ static int nand_scan_bbt(struct mtd_info *mtd, struct nand_bbt_descr *bd)
mark_bbt_region(mtd, md);

vfree(buf);
+ return 0;
+
+err:
+ kfree(this->bbt);
+ this->bbt = NULL;
return res;
}

--
1.9.1

N?叉??y??b??千v??藓{.n???{?赙zXФ?塄}?财??j:+v???赙zZ+?zf"?????i????ア??璀??撷f?^j谦y??@A?囤?0鹅h??i