2011-09-23 06:15:06

by Dan Carpenter

Subject: [patch] NFC: use after free on error

We returned a freed variable on some error paths when the intent was
to return a NULL. Part of the reason this was missed was that the
code was confusing because it had too many gotos so I removed them
and simplified the flow a bit.

Signed-off-by: Dan Carpenter <[email protected]>

diff --git a/net/nfc/nci/core.c b/net/nfc/nci/core.c
index 895e5fd..06330cd 100644
--- a/net/nfc/nci/core.c
+++ b/net/nfc/nci/core.c
@@ -490,19 +490,19 @@ struct nci_dev *nci_allocate_device(struct nci_ops *ops,
int tx_headroom,
int tx_tailroom)
{
- struct nci_dev *ndev = NULL;
+ struct nci_dev *ndev;

nfc_dbg("entry, supported_protocols 0x%x", supported_protocols);

if (!ops->open || !ops->close || !ops->send)
- goto exit;
+ return NULL;

if (!supported_protocols)
- goto exit;
+ return NULL;

ndev = kzalloc(sizeof(struct nci_dev), GFP_KERNEL);
if (!ndev)
- goto exit;
+ return NULL;

ndev->ops = ops;
ndev->tx_headroom = tx_headroom;
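Review bot: `ops` itself is dereferenced unguarded in `if (!ops->open || !ops->close || !ops->send)`; now that the early returns make the error paths explicit, a leading `!ops ||` in that same condition would be cheap and would keep a NULL `ops` from oopsing before the function reaches the protocol check. Dropping the `= NULL` initializer on `ndev` is fine here, since every use of `ndev` below is preceded by the `kzalloc` assignment and its `if (!ndev) return NULL;` check.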
@@ -517,13 +517,11 @@ struct nci_dev *nci_allocate_device(struct nci_ops *ops,

nfc_set_drvdata(ndev->nfc_dev, ndev);

- goto exit;
+ return ndev;

free_exit:
kfree(ndev);
-
-exit:
- return ndev;
+ return NULL;
}
EXPORT_SYMBOL(nci_allocate_device);
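Review bot: the actual fix is the `return NULL;` after `kfree(ndev);` at `free_exit:`; before this change the free path fell through to `exit: return ndev;`, handing callers a dangling pointer that passes their NULL check and is then dereferenced, which is the use after free the subject refers to. Because the `exit:` label is removed, any `goto exit` remaining in the unchanged region between the two hunks (lines not shown here) would no longer build, so that region should be checked; the existing `goto free_exit` sites there keep working unchanged and now correctly yield NULL.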



2011-09-26 21:08:41

by Lauro Ramos Venancio

Subject: Re: [patch] NFC: use after free on error

2011/9/23 Dan Carpenter <[email protected]>:
> We returned a freed variable on some error paths when the intent was
> to return a NULL.  Part of the reason this was missed was that the
> code was confusing because it had too many gotos so I removed them
> and simplified the flow a bit.
>
> Signed-off-by: Dan Carpenter <[email protected]>
Acked-by: Lauro Ramos Venancio <[email protected]>