Fixes: 57c5f4df0a5a ("uio: fix crash after the device is unregistered")
Signed-off-by: liujian <[email protected]>
---
drivers/uio/uio.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/uio/uio.c b/drivers/uio/uio.c
index 5c10fc7..bde7d7a 100644
--- a/drivers/uio/uio.c
+++ b/drivers/uio/uio.c
@@ -496,7 +496,7 @@ static int uio_open(struct inode *inode, struct file *filep)
if (!idev->info) {
mutex_unlock(&idev->info_lock);
ret = -EINVAL;
- goto err_alloc_listener;
+ goto err_infoopen;
}
if (idev->info && idev->info->open)
@@ -508,6 +508,7 @@ static int uio_open(struct inode *inode, struct file *filep)
return 0;
err_infoopen:
+ filep->private_data = NULL;
kfree(listener);
err_alloc_listener:
--
2.7.4
On 2019/1/3 0:26, liujian wrote:
> Fixes: 57c5f4df0a5a ("uio: fix crash after the device is unregistered")
> Signed-off-by: liujian <[email protected]>
> ---
> drivers/uio/uio.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/uio/uio.c b/drivers/uio/uio.c
> index 5c10fc7..bde7d7a 100644
> --- a/drivers/uio/uio.c
> +++ b/drivers/uio/uio.c
> @@ -496,7 +496,7 @@ static int uio_open(struct inode *inode, struct file *filep)
> if (!idev->info) {
> mutex_unlock(&idev->info_lock);
> ret = -EINVAL;
> - goto err_alloc_listener;
> + goto err_infoopen;
> }
>
> if (idev->info && idev->info->open)
> @@ -508,6 +508,7 @@ static int uio_open(struct inode *inode, struct file *filep)
> return 0;
>
> err_infoopen:
Maybe we should rename the "err_infoopen" to something like
"err_idev_info"...
Thanks.
BRs
> + filep->private_data = NULL;
> kfree(listener);
>
> err_alloc_listener:
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On Behalf Of Xiubo Li
> Sent: Wednesday, January 02, 2019 2:37 PM
> To: liujian (CE) <[email protected]>
> Cc: [email protected]; [email protected]
> Subject: Re: [PATCH] driver: uio: fix possible memory leak in uio_open
>
> On 2019/1/3 0:26, liujian wrote:
> > Fixes: 57c5f4df0a5a ("uio: fix crash after the device is
> > unregistered")
> > Signed-off-by: liujian <[email protected]>
> > ---
> > drivers/uio/uio.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/uio/uio.c b/drivers/uio/uio.c index
> > 5c10fc7..bde7d7a 100644
> > --- a/drivers/uio/uio.c
> > +++ b/drivers/uio/uio.c
> > @@ -496,7 +496,7 @@ static int uio_open(struct inode *inode, struct file
> *filep)
> > if (!idev->info) {
> > mutex_unlock(&idev->info_lock);
> > ret = -EINVAL;
> > - goto err_alloc_listener;
> > + goto err_infoopen;
> > }
> >
> > if (idev->info && idev->info->open) @@ -508,6 +508,7 @@ static int
> > uio_open(struct inode *inode, struct file *filep)
> > return 0;
> >
> > err_infoopen:
>
> Maybe we should rename the "err_infoopen" to something like
> "err_idev_info"...
>
Yes, it's better to change this, I will send v2, thank you~
Best Regards,
liujian
> Thanks.
>
> BRs
>
> > + filep->private_data = NULL;
> > kfree(listener);
> >
> > err_alloc_listener:
>