mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-01 22:54:01 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers/mtd
History
Lv Yunlong 8adf43281a mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init 
[ Upstream commit 076de75de1 ]

If the callee gpmi_alloc_dma_buffer() failed to alloc memory for
this->raw_buffer, gpmi_free_dma_buffer() will be called to free
this->auxiliary_virt. But this->auxiliary_virt is still a non-NULL
and valid ptr.

Then gpmi_alloc_dma_buffer() returns err and gpmi_free_dma_buffer()
is called again to free this->auxiliary_virt in err_out. This causes
a double free.

As gpmi_free_dma_buffer() has already called in gpmi_alloc_dma_buffer's
error path, so it should return err directly instead of releasing the dma
buffer again.

Fixes: 4d02423e9a ("mtd: nand: gpmi: Fix gpmi_nand_init() error path")
Signed-off-by: Lv Yunlong <lyl2019@mail.ustc.edu.cn>
Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com>
Link: https://lore.kernel.org/linux-mtd/20210403060905.5251-1-lyl2019@mail.ustc.edu.cn
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-05-22 10:57:28 +02:00
..
chips mtd: cfi_cmdset_0002: don't free cfi->cfiq in error path of cfi_amdstd_setup() 2020-10-01 13:12:28 +02:00
devices mtd: phram: fix a double free issue in error path 2020-04-24 08:01:24 +02:00
lpddr mtd: lpddr: fix excessive stack usage with clang 2020-10-29 09:07:08 +01:00
maps mtd: physmap_of: Release resources on error 2019-11-24 08:23:08 +01:00
nand mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init 2021-05-22 10:57:28 +02:00
onenand
parsers
spi-nor mtd: spi-nor: hisi-sfc: Put child node np on error path 2021-03-03 18:22:54 +01:00
tests
ubi ubi: check kthread_should_stop() after the setting of task state 2020-11-05 11:07:03 +01:00
afs.c
ar7part.c
bcm47xxpart.c
bcm63xxpart.c
cmdlinepart.c mtd: parser: cmdline: Fix parsing of part-names with colons 2020-12-29 13:47:10 +01:00
ftl.c
inftlcore.c
inftlmount.c
Kconfig
Makefile
mtd_blkdevs.c
mtdblock.c
mtdblock_ro.c
mtdchar.c mtd: require write permissions for locking and badblock ioctls 2021-05-22 10:57:28 +02:00
mtdconcat.c
mtdcore.c
mtdcore.h mtd: Check add_mtd_device() ret code 2019-12-05 15:37:54 +01:00
mtdoops.c mtd: mtdoops: Don't write panic data twice 2020-10-29 09:07:08 +01:00
mtdpart.c mtd: Remove a debug trace in mtdpart.c 2019-12-05 15:38:04 +01:00
mtdsuper.c
mtdswap.c
nftlcore.c
nftlmount.c
ofpart.c
redboot.c
rfd_ftl.c
sm_ftl.c
sm_ftl.h
ssfdc.c