2013-09-23 09:56:59

by Wei Yongjun

[permalink] [raw]
Subject: [PATCH] i2o: add missing destroy_workqueue() on error in i2o_driver_register()

From: Wei Yongjun <[email protected]>

Add the missing destroy_workqueue() before return from
i2o_driver_register() in the error handling case.

Signed-off-by: Wei Yongjun <[email protected]>
---
drivers/message/i2o/driver.c | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/drivers/message/i2o/driver.c b/drivers/message/i2o/driver.c
index 813eaa3..c3d8462 100644
--- a/drivers/message/i2o/driver.c
+++ b/drivers/message/i2o/driver.c
@@ -105,7 +105,8 @@ int i2o_driver_register(struct i2o_driver *drv)
osm_err("too many drivers registered, increase "
"max_drivers\n");
spin_unlock_irqrestore(&i2o_drivers_lock, flags);
- return -EFAULT;
+ rc = -EFAULT;
+ goto out;
}

drv->context = i;
@@ -124,11 +125,14 @@ int i2o_driver_register(struct i2o_driver *drv)
}

rc = driver_register(&drv->driver);
- if (rc) {
- if (drv->event) {
- destroy_workqueue(drv->event_queue);
- drv->event_queue = NULL;
- }
+ if (rc)
+ goto out;
+
+ return 0;
+out:
+ if (drv->event_queue) {
+ destroy_workqueue(drv->event_queue);
+ drv->event_queue = NULL;
}

return rc;


2013-09-23 15:47:37

by Kees Cook

[permalink] [raw]
Subject: Re: [PATCH] i2o: add missing destroy_workqueue() on error in i2o_driver_register()

On Mon, Sep 23, 2013 at 2:56 AM, Wei Yongjun <[email protected]> wrote:
> From: Wei Yongjun <[email protected]>
>
> Add the missing destroy_workqueue() before return from
> i2o_driver_register() in the error handling case.
>
> Signed-off-by: Wei Yongjun <[email protected]>

Good catch!

Acked-by: Kees Cook <[email protected]>

--
Kees Cook
Chrome OS Security

2013-09-24 23:46:49

by Andrew Morton

[permalink] [raw]
Subject: Re: [PATCH] i2o: add missing destroy_workqueue() on error in i2o_driver_register()

On Mon, 23 Sep 2013 17:56:56 +0800 Wei Yongjun <[email protected]> wrote:

> From: Wei Yongjun <[email protected]>
>
> Add the missing destroy_workqueue() before return from
> i2o_driver_register() in the error handling case.

yup.

> --- a/drivers/message/i2o/driver.c
> +++ b/drivers/message/i2o/driver.c
> @@ -105,7 +105,8 @@ int i2o_driver_register(struct i2o_driver *drv)
> osm_err("too many drivers registered, increase "
> "max_drivers\n");
> spin_unlock_irqrestore(&i2o_drivers_lock, flags);
> - return -EFAULT;
> + rc = -EFAULT;

Why on earth does this function return -EFAULT (twice)? Imagine the poor
user's confusion if that code gets propagated back to his application
or shell.