remove the optimisation of NULL checking it inline, kfree/rtw_free_netdev
will take care if that would ever be the case.
Signed-off-by: Haowen Bai <[email protected]>
---
drivers/staging/r8188eu/os_dep/usb_intf.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/drivers/staging/r8188eu/os_dep/usb_intf.c b/drivers/staging/r8188eu/os_dep/usb_intf.c
index 91792df..8d1ac48 100644
--- a/drivers/staging/r8188eu/os_dep/usb_intf.c
+++ b/drivers/staging/r8188eu/os_dep/usb_intf.c
@@ -425,10 +425,8 @@ static struct adapter *rtw_usb_if1_init(struct dvobj_priv *dvobj,
rtw_handle_dualmac(padapter, 0);
free_adapter:
if (status != _SUCCESS) {
- if (pnetdev)
- rtw_free_netdev(pnetdev);
- else if (padapter)
- vfree(padapter);
+ rtw_free_netdev(pnetdev);
+ vfree(padapter);
padapter = NULL;
}
exit:
--
2.7.4
Hi Haowen,
On 3/11/22 13:33, Haowen Bai wrote:
> remove the optimisation of NULL checking it inline, kfree/rtw_free_netdev
> will take care if that would ever be the case.
>
> Signed-off-by: Haowen Bai <[email protected]>
> ---
> drivers/staging/r8188eu/os_dep/usb_intf.c | 6 ++----
> 1 file changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/staging/r8188eu/os_dep/usb_intf.c b/drivers/staging/r8188eu/os_dep/usb_intf.c
> index 91792df..8d1ac48 100644
> --- a/drivers/staging/r8188eu/os_dep/usb_intf.c
> +++ b/drivers/staging/r8188eu/os_dep/usb_intf.c
> @@ -425,10 +425,8 @@ static struct adapter *rtw_usb_if1_init(struct dvobj_priv *dvobj,
> rtw_handle_dualmac(padapter, 0);
> free_adapter:
> if (status != _SUCCESS) {
> - if (pnetdev)
> - rtw_free_netdev(pnetdev);
> - else if (padapter)
> - vfree(padapter);
> + rtw_free_netdev(pnetdev);
> + vfree(padapter);
> padapter = NULL;
> }
> exit:
I don't see such code on staging-testing branch.
All error handling code was refactored in commit 13456b9. Please, always
base your code on top of newest branch but not upstream one
With regards,
Pavel Skripkin
On Fri, Mar 11, 2022 at 06:33:21PM +0800, Haowen Bai wrote:
> remove the optimisation of NULL checking it inline, kfree/rtw_free_netdev
> will take care if that would ever be the case.
>
> Signed-off-by: Haowen Bai <[email protected]>
> ---
> drivers/staging/r8188eu/os_dep/usb_intf.c | 6 ++----
> 1 file changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/staging/r8188eu/os_dep/usb_intf.c b/drivers/staging/r8188eu/os_dep/usb_intf.c
> index 91792df..8d1ac48 100644
> --- a/drivers/staging/r8188eu/os_dep/usb_intf.c
> +++ b/drivers/staging/r8188eu/os_dep/usb_intf.c
> @@ -425,10 +425,8 @@ static struct adapter *rtw_usb_if1_init(struct dvobj_priv *dvobj,
> rtw_handle_dualmac(padapter, 0);
> free_adapter:
> if (status != _SUCCESS) {
> - if (pnetdev)
> - rtw_free_netdev(pnetdev);
> - else if (padapter)
> - vfree(padapter);
> + rtw_free_netdev(pnetdev);
> + vfree(padapter);
The rtw_free_netdev() frees padapter so this patch would introduce a
double free.
This driver is kind of garbage so I don't really fault you for making
this mistake. If the error handling and cleanup were written in the
correct way it would avoid accidentally creating bugs like this:
https://lore.kernel.org/all/20210831084735.GL12231@kadam/
The correct thing is to not call rtw_free_netdev() from rtw_usb_if1_init()
but to instead call:
free_netdev:
free_netdev(pnetdev);
handle_dualmac:
rtw_handle_dualmac(padapter, 0);
free_padapter:
vfree(padapter);
Also you need to work against the latest linux-next or staging-next
tree.
regards,
dan carpenter