2011-01-30 10:36:07

by Mathias Krause

Subject: [PATCH] wl12xx: fix use after free

When DEBUG_SPI is included in the debug log level wl1271_spi_reset()
will dump the already freed memory instead of the SPI buffer.

This bug was spotted by the semantic patch tool coccinelle using the
script found at scripts/coccinelle/free/kfree.cocci.

More information about semantic patching is available at
http://coccinelle.lip6.fr/

Signed-off-by: Mathias Krause <[email protected]>
---
drivers/net/wireless/wl12xx/spi.c | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)

diff --git a/drivers/net/wireless/wl12xx/spi.c b/drivers/net/wireless/wl12xx/spi.c
index 4671491..7145ea5 100644
--- a/drivers/net/wireless/wl12xx/spi.c
+++ b/drivers/net/wireless/wl12xx/spi.c
@@ -110,9 +110,8 @@ static void wl1271_spi_reset(struct wl1271 *wl)
spi_message_add_tail(&t, &m);

spi_sync(wl_to_spi(wl), &m);
- kfree(cmd);
-
wl1271_dump(DEBUG_SPI, "spi reset -> ", cmd, WSPI_INIT_CMD_LEN);
+ kfree(cmd);
}

static void wl1271_spi_init(struct wl1271 *wl)
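Review bot: moving the dump ahead of `kfree(cmd)` is the right ordering, since `wl1271_dump(DEBUG_SPI, "spi reset -> ", cmd, WSPI_INIT_CMD_LEN);` now reads `cmd` while it is still allocated; the remaining gap in this hunk is the unchanged context line `spi_sync(wl_to_spi(wl), &m);`, whose int return value is discarded, so a failed reset transfer is dumped under the same "spi reset ->" label as a successful one. Consider `ret = spi_sync(wl_to_spi(wl), &m);` and logging `ret` (or skipping the dump) when it is negative, so the debug output reflects what actually went over the bus.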
--
1.5.6.5

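To make the failure mode in the patch above concrete, here is an added user-space model of the wl1271_spi_reset() ordering bug. It is not code from the wl12xx driver or the kernel: a toy allocator keeps a single block mapped, poisons it on free the way SLUB debug poisoning does, and counts reads of freed memory in the style of a KASAN report, so the bad order (free, then dump) is observable instead of quietly printing stale bytes. The buffer length, the reset command bytes, the POISON_FREE value and the DEBUG_SPI bit are assumed values chosen for the model; the real constants differ. The third run also shows why the bug was easy to miss: with DEBUG_SPI not set, the dump is skipped and the use after free is latent.

```c
/* Added example, not code from the wl12xx driver or the kernel.
 * Models the wl1271_spi_reset() ordering bug: the SPI command buffer
 * is freed and then handed to the debug dump.  A toy allocator poisons
 * freed memory and counts reads of it, so the wrong order is visible. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define WSPI_INIT_CMD_LEN 8      /* assumed length; the driver's value differs */
#define DEBUG_SPI  (1u << 4)     /* assumed log-level bit for the SPI dumps   */
#define POISON_FREE 0x6b         /* byte value SLUB debug writes on free      */

static unsigned debug_level;                 /* stands in for the driver's debug mask */
static uint8_t  arena[WSPI_INIT_CMD_LEN];    /* the one block the toy allocator hands out */
static int      arena_freed = 1;
static int      uaf_reports;                 /* KASAN-style "read of freed memory" count */
static uint8_t  last_dump[WSPI_INIT_CMD_LEN];/* what the dump helper actually printed */

/* toy kzalloc: hands out the arena once, zeroed */
static void *toy_kzalloc(size_t len) {
    if (!arena_freed || len > sizeof arena) return NULL;
    memset(arena, 0, len);
    arena_freed = 0;
    return arena;
}

/* toy kfree: poison the object and mark it free, like SLUB poisoning */
static void toy_kfree(void *p) {
    if (p == arena && !arena_freed) {
        memset(arena, POISON_FREE, sizeof arena);
        arena_freed = 1;
    }
}

/* dump helper gated on the log level, exactly like wl1271_dump();
 * records a report if the buffer it is asked to print is already freed */
static void toy_dump(unsigned level, const uint8_t *buf, size_t len) {
    if (!(debug_level & level)) return;
    if (buf == arena && arena_freed) uaf_reports++;
    memcpy(last_dump, buf, len);
}

/* stand-in for spi_sync(): the model does not need a real transfer */
static void toy_spi_sync(const uint8_t *cmd, size_t len) { (void)cmd; (void)len; }

/* the reset routine with either ordering of dump and free */
static int run_reset(int fixed_order) {
    uint8_t *cmd = toy_kzalloc(WSPI_INIT_CMD_LEN);
    if (!cmd) return -1;
    memset(cmd, 0xff, WSPI_INIT_CMD_LEN);      /* assumed reset command pattern */
    toy_spi_sync(cmd, WSPI_INIT_CMD_LEN);
    if (fixed_order) {                          /* after the patch: dump, then free */
        toy_dump(DEBUG_SPI, cmd, WSPI_INIT_CMD_LEN);
        toy_kfree(cmd);
    } else {                                    /* before the patch: free, then dump */
        toy_kfree(cmd);
        toy_dump(DEBUG_SPI, cmd, WSPI_INIT_CMD_LEN);
    }
    return 0;
}

/* runs one reset under the given log level; returns the number of
 * reads of freed memory it produced (-1 on allocation failure) */
static int reset_and_count_uaf(int fixed_order, unsigned level) {
    debug_level = level;
    uaf_reports = 0;
    memset(last_dump, 0, sizeof last_dump);
    if (run_reset(fixed_order) < 0) return -1;
    return uaf_reports;
}

/* 1 if every dumped byte is the poison value, i.e. the dump shows freed memory */
static int dump_is_poison(void) {
    for (size_t i = 0; i < WSPI_INIT_CMD_LEN; i++)
        if (last_dump[i] != POISON_FREE) return 0;
    return 1;
}

static uint8_t dump_byte(size_t i) { return last_dump[i]; }

int main(void) {
    printf("buggy order, DEBUG_SPI on:  %d UAF report(s), dump is poison: %d\n",
           reset_and_count_uaf(0, DEBUG_SPI), dump_is_poison());
    printf("fixed order, DEBUG_SPI on:  %d UAF report(s), first byte 0x%02x\n",
           reset_and_count_uaf(1, DEBUG_SPI), dump_byte(0));
    printf("buggy order, DEBUG_SPI off: %d UAF report(s) (bug is latent)\n",
           reset_and_count_uaf(0, 0));
    return 0;
}
```

Without poisoning, the buggy order would usually print the correct-looking command bytes because nothing has reused the slab object yet, which is why this class of bug tends to survive testing until a tool like coccinelle (statically) or slab poisoning / KASAN (at run time) is pointed at it.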


2011-01-31 20:14:31

by Luciano Coelho

Subject: Re: [PATCH] wl12xx: fix use after free

On Mon, 2011-01-31 at 20:47 +0100, John W. Linville wrote:
> On Sun, Jan 30, 2011 at 11:29:47AM +0100, Mathias Krause wrote:
> > When DEBUG_SPI is included in the debug log level wl1271_spi_reset()
> > will dump the already freed memory instead of the SPI buffer.
> >
> > This bug was spotted by the semantic patch tool coccinelle using the
> > script found at scripts/coccinelle/free/kfree.cocci.
> >
> > More information about semantic patching is available at
> > http://coccinelle.lip6.fr/
> >
> > Signed-off-by: Mathias Krause <[email protected]>
>
> Luca, I'll go ahead and apply this one directly to wireless-2.6.

Okay, thanks John!

--
Cheers,
Luca.


2011-01-31 20:00:18

by John W. Linville

Subject: Re: [PATCH] wl12xx: fix use after free

On Sun, Jan 30, 2011 at 11:29:47AM +0100, Mathias Krause wrote:
> When DEBUG_SPI is included in the debug log level wl1271_spi_reset()
> will dump the already freed memory instead of the SPI buffer.
>
> This bug was spotted by the semantic patch tool coccinelle using the
> script found at scripts/coccinelle/free/kfree.cocci.
>
> More information about semantic patching is available at
> http://coccinelle.lip6.fr/
>
> Signed-off-by: Mathias Krause <[email protected]>

Luca, I'll go ahead and apply this one directly to wireless-2.6.

John
--
John W. Linville
[email protected]
Someday the world will need a hero, and you might be all we have. Be ready.