Re: [PATCH 1/1] spi: fix use after free in of_spi_notify

From: Mark Brown
Date: Tue Jun 07 2022 - 12:20:49 EST


On Tue, Jun 07, 2022 at 11:52:33PM +0800, Xiaohui Zhang wrote:
> We can't use "ctlr->dev" after it has been freed.

> spi = of_register_spi_device(ctlr, rd->dn);
> - put_device(&ctlr->dev);
>
> if (IS_ERR(spi)) {
> pr_err("%s: failed to create for '%pOF'\n",
> __func__, rd->dn);
> + put_device(&ctlr->dev);
> of_node_clear_flag(rd->dn, OF_POPULATED);
> return notifier_from_errno(PTR_ERR(spi));
> }
> + put_device(&ctlr->dev);
> break;

Could you be more explicit about where the problematic use of ctlr->dev
is please?

Attachment: signature.asc
Description: PGP signature