map->name needs to be freed when uvc_ioctl_ctrl_map fails.
Signed-off-by: Hangyu Hua <[email protected]>
---
drivers/media/usb/uvc/uvc_v4l2.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/media/usb/uvc/uvc_v4l2.c b/drivers/media/usb/uvc/uvc_v4l2.c
index 711556d13d03..e46a2f3b06cb 100644
--- a/drivers/media/usb/uvc/uvc_v4l2.c
+++ b/drivers/media/usb/uvc/uvc_v4l2.c
@@ -93,6 +93,7 @@ static int uvc_ioctl_ctrl_map(struct uvc_video_chain *chain,
kfree(map->menu_info);
free_map:
+ kfree(map->name);
kfree(map);
return ret;
--
2.25.1
Hi Hangyu,
Thank you for the patch.
On Thu, Mar 24, 2022 at 04:17:18PM +0800, Hangyu Hua wrote:
> map->name needs to be freed when uvc_ioctl_ctrl_map fails.
>
> Signed-off-by: Hangyu Hua <[email protected]>
> ---
> drivers/media/usb/uvc/uvc_v4l2.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/media/usb/uvc/uvc_v4l2.c b/drivers/media/usb/uvc/uvc_v4l2.c
> index 711556d13d03..e46a2f3b06cb 100644
> --- a/drivers/media/usb/uvc/uvc_v4l2.c
> +++ b/drivers/media/usb/uvc/uvc_v4l2.c
> @@ -93,6 +93,7 @@ static int uvc_ioctl_ctrl_map(struct uvc_video_chain *chain,
>
> kfree(map->menu_info);
> free_map:
> + kfree(map->name);
The memory is actually freed in uvc_ctrl_cleanup_mappings() in the
non-error case. I think we could improve this by avoiding the kmemdup()
in this function, and duplicating the name in __uvc_ctrl_add_mapping()
instead. What do you think ?
> kfree(map);
>
> return ret;
--
Regards,
Laurent Pinchart
On Thu, Mar 24, 2022 at 06:17:18PM +0100, Ricardo Ribalda wrote:
> Isnt it a dupe of:
> https://patchwork.linuxtv.org/project/linux-media/patch/[email protected]/
> ?
It is. I'll review that one.
> On Thu, 24 Mar 2022 at 18:13, Hangyu Hua <[email protected]> wrote:
> >
> > map->name needs to be freed when uvc_ioctl_ctrl_map fails.
> >
> > Signed-off-by: Hangyu Hua <[email protected]>
> > ---
> > drivers/media/usb/uvc/uvc_v4l2.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/drivers/media/usb/uvc/uvc_v4l2.c b/drivers/media/usb/uvc/uvc_v4l2.c
> > index 711556d13d03..e46a2f3b06cb 100644
> > --- a/drivers/media/usb/uvc/uvc_v4l2.c
> > +++ b/drivers/media/usb/uvc/uvc_v4l2.c
> > @@ -93,6 +93,7 @@ static int uvc_ioctl_ctrl_map(struct uvc_video_chain *chain,
> >
> > kfree(map->menu_info);
> > free_map:
> > + kfree(map->name);
> > kfree(map);
> >
> > return ret;
--
Regards,
Laurent Pinchart
Isnt it a dupe of:
https://patchwork.linuxtv.org/project/linux-media/patch/[email protected]/
?
On Thu, 24 Mar 2022 at 18:13, Hangyu Hua <[email protected]> wrote:
>
> map->name needs to be freed when uvc_ioctl_ctrl_map fails.
>
> Signed-off-by: Hangyu Hua <[email protected]>
> ---
> drivers/media/usb/uvc/uvc_v4l2.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/media/usb/uvc/uvc_v4l2.c b/drivers/media/usb/uvc/uvc_v4l2.c
> index 711556d13d03..e46a2f3b06cb 100644
> --- a/drivers/media/usb/uvc/uvc_v4l2.c
> +++ b/drivers/media/usb/uvc/uvc_v4l2.c
> @@ -93,6 +93,7 @@ static int uvc_ioctl_ctrl_map(struct uvc_video_chain *chain,
>
> kfree(map->menu_info);
> free_map:
> + kfree(map->name);
> kfree(map);
>
> return ret;
> --
> 2.25.1
>
--
Ricardo Ribalda